A distinguishing characteristic of software development which
Secret Orange endeavours to continually build upon
is "Quality". Some aspects of software development which it feels
are important to contributing to quality are detailed below:
Ensuring Quality Design
- Minimise complexity Sometimes developers are
tempted to create "complex" software simply because they can. For
quality to prevail, the developer should strive to ensure that the
solution is as "simple" as possible. Not only will this inevitably
lead to a lower bug count, it will aid "ease of maintenance" and
flatten the learning curve for unfamiliar developers picking up the
project.
- Ease of Maintenance A System typically
requires maintenance, often carried out by a developer who wasn't
part of the original team. As a contractor Secret
Orange always bears in mind that its not only programming
for the client but also the developer who will be
maintaining/enhancing the system at a later date. Secret
Orange designs and builds applications to be easily
configurable and updateable, ensuring that the system is as
self-explanatory as possible.
- Reusability Reusability is an important part
of building quality software. If classes and components are
abstracted correctly, they can be reused in the application and
even across multiple applications. With the use of inheritance and
polymorphism we can also extend our reusable "abstract" classes and
tailor them to accommodate specific requirements.
When building applications Secret Orange is
always thinking about how it can abstract the code block and
include it in a Common Code Library.
Reusability increases productivity and enhances "Ease of
Maintenance", keeping bug counts lower and therefore increasing
quality.
- Extensibility It is unlikely that a system
will be built, tested, deployed and then never touched again. A
more likely scenario is that the customer will require the system
to be enhanced as time goes by, maybe due to changes in technology
or new business requirements.
When building systems, Secret Orange is
continually thinking about what the customer will want the system
to achieve further down the line. Secret Orange
designs solutions that are generic and extensible. This can
influence many characteristics of the application such as the
technologies used, the way in which classes are designed to
interact with each other and even naming conventions used.
- Loose Coupling Good use of OOP principles
should ensure "Loose Coupling". Loose Coupling occurs when classes
or components are designed to operate with minimum dependency on
other classes or components. This helps with reusability,
integration, testing and maintenance.
- Standard Techniques Following standard
techniques helps new developers to feel confident with the solution
and reduces the learning curve when getting to grips with a legacy
application. Standard techniques can include
naming conventions,
API design, design pattern usage etc.
The recent release of the Microsoft's
Enterprise Library is a good example of using standard, proven
techniques (assuming the library is widely adopted of course)
Coding Standards
Secret Orange follows some of its own coding
standards but will happily adapt these to fit in with an
organisations existing standards if need be.
Defensive Programming
Defensive programming involves continually checking the validity
of data before operating on it. This is typically a problem when
operating on data inputted by the user but the bad data could also
originate from an erroneous routine from within the
application.
Programmers should always check the validity of data from
external sources. A common problem can occur when a text box is
used to input search terms for a database query. If the developer
hasn't programmed defensively, there is nothing stopping the user
from crafting a SQL string and submitting it with the view of
performing a SQL Injection attack. This attack could update or
delete valuable records in the database.
Testing
A more obvious element of constructing quality software is
testing. Software is tested using an array of techniques; some of
these techniques will be implemented by the developer and others by
a testing team. A developer tends to perform "clean" tests as a way
to "prove" that the code works whereas a better approach to take is
to perform "dirty" tests and attempt to prove that the code doesn't
work.
When writing software, Secret Orange
continually attempts to "break" code by passing routines erroneous
data and performing stress tests. This helps ensure that the
application will function as expected under all the conditions that
you would expect (or not expect) in a production environment.
Testing can be split into different categories, typically know
as:
- Unit Testing
This involves testing a complete class, routine or small
program. The main characteristics of this type of testing are that
it involves testing in isolation of the complete system.
Unit testing involves creating numerous automated test cases
which test all aspects of a piece of code. The test should also be
able to automatically determine if the result is successful or not
without the need for a human to interpret the results.
Testing for Success
This involves passing your routines valid data and ensuring that
the data is processed correctly.
Testing for Failure
This involves passing your routines invalid data and ensuring your
code deals with this appropriately and doesn't leave the
application or persistent data in a inconsistent state.
Software packages tend to be used to enable Unit Testing. A
popular .NET package that Secret Orange uses is NUnit.
- Integration Testing
Integration testing involves executing two or more classes which
interact with each other. Tests should be performed to ensure that
classes interact in the desired fashion.
- Regression Testing
This involves running previous test cases in an attempt to
ensure that nothing has been "broken" during the development
process. This can simply be achieved by re-running the automated
test scripts.
- System Testing
This involves testing the system in its entirety, with its final
configuration. The system will be tested in a "real world" testing
environment. This will typically be a "black box" test performed by
the testing team who do NOT have knowledge of what's happening
under the covers. It will test for security, performance, data
integrity and other issues that cant be tested at a unit level.