New SOA Testing Tutorial Labs introduced at STAREAST 2008

STAREAST 2008 - the "Greatest Software Testing Conference On Earth" - is taking place May 5-9, 2009 is Orlando Florida. I had the pleasure of the first, day-long SOA Testing conference back in 2006 with the Crosscheck Networks' team. This year, the team will conduct their signature day-long tutorial: "The Art and Science of SOA Testing" with a set of hands-on Labs that cover topics such as:

• SOA Functional Testing
• Operation Chaining
• SOA Identity Testing
• SOA Performance Testing
• SOA Interop Testing
• Automation through external Data Sources
• SOA Regression Testing

As the SOA Testing industry matures, this tutorial continue to align its material and labs to provide attendees a solid grounding in what aspects of SOA Testing are essential for a successful SOA deployment.

Crosscheck Networks Announces New Product: SOAPSimulator

Crosscheck Networks, the company that pioneered comprehensive SOA Testing through its product, SOAPSonar, has now launched a new "paradigm-shifting" product: SOAPSimulator that enables QA professionals and developers to start getting their work done even if the service endpoint is not ready or available.

For details on SOAPSimulator, see:

http://www.crosschecknet.com/SOAPSimulator_News_0408.php

Make sure to download the white paper from the link above.

SOA Testing using Parallels on MacBook Pro

I have finally moved over from XP to Mac and I am loving it. Now I do have a number of applications that I will probably not migrate away from - such as the MS Office Suite that I purchased for my MacBook Pro - it works like a charm and has a number of goodies that weren't available on my XP.

I also can't live without Visio and heavily use Crosscheck Networks products, SOAPSonar and SOAPSimulator - applications that are not available natively for Mac's, however, Parallels comes to the rescue. For $79.99, Parallels Desktop 3.0 for Mac has been a great investment. It is easy-to-use, fast and the images of your Operating Systems can be moved around easily. I don't know how it compares to VMWare, but I have no complaints about Parallels, yet. I like Parallels' Full Screen Mode and Coherence Mode that lets your Windows apps appear as if they are running natively within Mac OS X Leopard.

The image above shows SOAPSonar (a .NET-based SOA Testing Application) running in Parallels on a MacBook Pro.

Service Simulation - Help Jumpstart SOA Testing

Here's a paper that the folks at Crosscheck Networks have authored on how Service Simulation can accelerate your SOA Testing, Client Side Development while saving you money by eliminating the need to build an expensive "SOA Reference System."

I have seen others talk about this concept in terms of virtualization and confuse everyone - I guess using hot marketing jargon helps get attention at the expense of adding confusion. The key aspects of Service Simulation are portability and ease-of-use, without which it adds more to the project timelines than what it promises to reduce.

Here's what Service Simulation is and how it helps:

"Reusable services are the cornerstone of a successful implementation of Service Oriented Architecture (SOA). Service simulation can mimic producer services before they are implemented, an alternative to an expensive reference environment. In this paper, we cover SOA Project Lifecycle issues and how best to address them through service simulation."

For complete article, see:

Accelerate your SOA Projects Through Service Simulation

http://www.softwaremag.com/pdfs/whitepapers/Crosscheck_WP4.pdf

Better Software Magazine Cover Story: Breaking Ground on SOA

SOA Testing has really become a mainstream discipline. Better Software Magazine, a publication for QA Professionals and anyone focused on Quality, published a coverpage article on Building and Testing your first Web Service.

This article will get you started on SOA Testing in no time and provide you a good overview on how web services are built and how they can be tested. It's great article to get your feet wet with SOA and SOA Testing.

You can read the full article here.

Crosscheck Networks Announces SOA Testing Tutorial at Software Quality Engineering's STAREast 2008 Conference

Crosscheck Networks Announces SOA Testing Tutorial at Software Quality Engineering's STAREast 2008 Conference

SOA Testing is becoming a mature discipline. QA Professionals are now actively re-tooling themselves to adapt to web services-based SOA Testing requirements. For the second year running, Crosscheck Networks is conducting a 1-day intensive SOA Testing Tutorial. This is a hands-on class that starts off by first covering the fundamentals of web services-based SOA and then quickly goes into hands-on labs that cover functional, performance, interoperability, security, regression, automation and identity testing.

The course, hosted in Orlando on May 5, 2008 is limited to 30 attendees. To find out more, visit STAREast 2008 (http://www.sqe.com/stareast/)

Recent SOA Testing Publications

Here's a list of interesting SOA Testing Articles that have been published recently:

1. 5 Things SOA Vendors are Missing, by David Linthicum
   
2. Intro to SOA Regression Testing: A hands-on Approach
3. Compress your SOA Life cycle through Development and QA Collaboration
4. Automated SOA Regression Testing.

Introduction to SOA Regression Testing: A Hands-on Approach

This article published recently highlights the importance of building a sound SOA Regression framework as a part of an enterprise-wide SOA Initiative. Here's a small snippet with a link to the entire PDF document:

Regress means to go backwards. Software Regression Testing is the means of identifying unintentional errors or bugs that may have been introduced as a result of changing a program module. The program module regresses by no longer working as it used to before. Software development is an iterative process in which program modules are continually modified by teams of developers to meet changing system requirements. Typical software systems with N modules have N2 dependencies. A flaw introduced in a modified module can have significant impact across the entire system.

Link to full article: http://www.crosschecknet.com/SOA-Regression-Testing-v2.pdf

SOA Testing Article: Compress SOA Lifecycle through Development & QA Collaboration

ABSTRACT:

Web services, the foundation of modern SOA, are being rolled out today in ever increasing numbers across enterprises. The key benefit of web services is reusability of services across applications in a distributed environment. Reuse is especially valuable in exposing monolithic, legacy functionality as self-contained services. With the promise of SOA and web services come also the challenges for successful implementation and testing. These challenges fall directly on the developer and QA teams to meet deadlines while also deploying a robust,
resilient and reliable SOA solution.

The challenge of building robust and reliable services within a SOA exposes age-old fissures between Development and QA: Who is really responsible for testing across distributed environments.

In this article, we will explore the gaps and recommend ways of bridging such fissures to ensure greater efficiency in developing and deploying web services-based Service Oriented Architecture.

Get the Complete Article: http://library.theserverside.com/detail/RES/1202921605_546.html

SOA Testing Tool: SOAPSonar v3.5 Released

Crosscheck Networks, the leading provider of SOA Testing Tools announced General Availability of SOAPSonar v3.5 with the following significant features:

• Direct Database Integration for End-to-End SOA Testing
• Dynamic On-Demand Binding for abstract types
• Setting of Global Policies that can assigned to Custom Test Groups
• JUNIT Integration that enables SOAPSonar to leverage JUNIT framework
• Direct native Java key store PKI support
• Optimization techniques to parse jumbo WSDLs and Schemas

SOAPSonar has become one of the most sophisticated SOA Testing tools in the industry without sacrificing ease-of-use. We have looked at many SOA Testing tools and find SOAPSonar loaded with a tremendous breath of features and the lowest cost.

In this latest release of SOAPSonar, the part that I find really significant is the ability to do end-end-to-end testing through integration with databases. Typical web services are developed using a web services container such as BEA WebLogics, Tomcat of IBM WebSphere. The web services usually make JDBC calls to backend Databases such as MySQL, Oracle, IBM DB2. For a SOA Tester to ensure that the web services call has successfully executed requires "independently" evaluating the impact of a web services call on the database. With SOAPSonar, one can now easily set evaluation criteria that not only makes sure that the SOAP Response is evaluated for success/failure but also the state of the back-end database is evaluated to make sure that the end-to-end transaction was successful.

To download latest version of SOAPSonar, visit http://www.crosschecknet.com

SOA Testing: BEA vs. Oracle

Oracle purchase of BEA for $8.5B is a strong indicator that the tech market is in a consolidation mood. I have SOA Tested both BEA WebLogics and Oracle OC4J. For details on SOA Testing both servers, see the following articles:

1) Getting Started with Message-Level Encryption on WebLogic Server 9.2

2) Amazon EC2 and Oracle SOA Suite a Strong Combo

Having SOA Tested Both Oracle OC4J and BEA webLogics extensively, here are some items that stood out:

1) Installing Oracle OC4J was easier than WebLogics.
2) The foot print of OC4J is smaller.
3) Configuring Oracle OC4J was much easier that BEA WebLogics
4) Setting security policies within OC4J was much easier than in WebLogics
5) BPEL Process Manager components were easily configurable in OC4J.
6) The documentation and examples for setting SOA Policies were more mature in OC4J.
7) The Web Services stacks are equally mature.

I expect OC4J to do really well within the BEA install base. Oracle SOA Suite is very well packaged and will be adopted by BEA customers. I love BEA's technology, however, for rapid mass adoption, Oracle has done a better job. With this acquisition, Oracle will have a better perception in the AppServer market and will be able to capitalize on this over time. But then again, there is the great Opensource market - Tomcat.

Through my SOA Testing endeavours, I found SOAPSonar from Crosscheck Networks to do a great job in exercising the web services stacks of both app servers. Other testing vendors fell short of providing the extensive testing capabilities required withing a SOA environment. For more information about SOAPSonar, visit:

Crosscheck Networks

SOA Testing saves Planet Earth

Every tree counts, and every page that we don't print matters. Now we all know that organizations are changing from paper-based processes to electronic processes by using data transmission standards such as MTOM mostly as a cost saving and improved services level measure. But a great side effect that is often not reinforced is the fact that we are improving planet Earth by not cutting down trees and creating undue waste.

By enabling enterprise to rapidly deploy technologies such as MTOM, we can collectively accelerate electronic processing of documents. It's a win-win for everyone: Companies save money and improve processing efficiencies and our environment improves.

SOA Testing tools such as SOAPSonar provide a rapid way of testing your MTOM deployments. The following article will get you jump-started on using and testing MTOM in your enterprise - and perhaps save some trees:

Introduction to MTOM: A hands-on Approach

SOA Test Tools -- InfoWorld Test Center Report

Rick Grehan wrote a comprehensive report titled "Clean up your SOAP-based Web services - The Test Center inspects five worthy tools for keeping your services squeaky clean." The report compares and rates commercial SOA Testing tools from the following vendors:

1. Crosscheck Networks
2. AdventNet
3. Mindreef
4. Parasoft
5. iTko

You can read the report at:

http://www.infoworld.com/article/07/11/26/48TC-web-services-test-tools_6.html

SOA Testing - It's gaining traction

STARWEST 2007 is the premier conference for QA/Testing professionals. With over 1000 attendees focused on learning the latest testing techniques, the conference serves as a benchmark for what is relevant to the testing community.

This year, we are thrilled to see the testing community starting to focus on and learn about the nuances of modern web services-based SOA Testing. The increasing number of SOA Testing related offering at STARWEST 2007 serves as a good bechmark for the increase in relevance and activity in this area. The following talks and courses are presented this year realted to SOA Testing:

The Coming SOA Revolution: What It Means To Testers -- Frank Cohen, PushToTest

Testing SOA Applications: What’s New, What’s Not -- Brian Bryson, IBM

Ensuring Quality in Web Services -- Chris Hetzler, Appolis Software

The Art and Science of SOA Testing -- Mamoon Yunus & Rizwan Mallal, Crosscheck Networks

This is the second event where we are presenting a day long course on SOA Testing. STAREAST 2007, hosted in Orlando, FL was the first day long course offered exclusively on SOA Testing in the industry. We are on v2 of this course with more structured Labs. I hope the attendees like it more than the v1 offering at STAREAST 2007 - although an 8.9 average from 28 attendees will be tough to beat.

SOA Testing Goes Academic

I came across a recent publication titled Testing in a SOA World presented at The Proceedings of the International Conference on Information Technologies (InfoTech-2007), September 21-23, 2007, Bulgaria.

Here's the Abstract:

"Abstract: Service-oriented architecture (SOA) is the latest attempt to better link the
business with technology. Testing a SOA applications become more and more complex,
as it should be continuous, not just in development and integration, but in deployment,
because an SOA by nature is never a static application. Even if each service in a SOA
application is tested thoroughly and carefully the quality of the final application may
suffer because testing is not enough after the integration of the services. This article
presents the challenges and problems that test teams experience when testing SOA
applications. It also summarizes how the testing of SOA is carried out now and gives
some ideas on further improvements."

The article provides a comprehensive overview of challenges facing the SOA Testing world. I am pleased to see the academic community getting involved in this area and hope that will innovate and produce exceptional original work in solving issues in SOA Testing. For the complete article, please see:

http://www.crosschecknet.com/soa_testing/TestingInAServiceOrientedWorld.pdf

SOA Testing Market Report -- the451group

Dennis Callaghan, analyst with The 451 Group, has written a comprehensive report on the state of the SOA Testing market. You have to be a member to access the report, however, here is a snippet from Dennis' piece:

"As enterprises increasingly deploy architectures where applications share and exchange data and information as services, demand will grow for tools that test these complex service interactions – a demand that traditional developer testing tools can't really meet. And so the SOA testing tools space was born and is currently populated by existing testing vendors that have developed new products to meet the particular needs of this architecture, as well as more nimble startups looking for ways to differentiate their offerings. Many of these startups, as they grow and prove the market for their software, should become attractive acquisition targets. This remains a nascent space and there has yet to be an acquisition of an SOA-specific testing company."

To read the full report, please visit www.the451group.com for a trial membership or click here - http://www.the451.com/apply/apply.php.

Adjusting for SOA Testing

SD Times recently published a good article by David S. Linthicum: Adjusting for SOA Testing. David argues that for SOA Testing, existing testing techniques and tools should not be tossed out but we need to rethink the concepts and technology behind SOA and "adjust" accordingly.

Depending on how much "adjustment" equates to a total toss out, perspectives may vary. We believe that adjusting the technology by slapping on service-orientation to testing products that were grounded in web-site testing is a severe adjustment.

How services are tested, require a clean, ground-up testing product that is built for testing services, their dependencies and re-use rather than testing web sites. The primary focus of SOA is re-use and testing tools focused on SOA need to be built with testing re-usable services in mind.

We humbly differ from David that adjusting the technology is sufficient. Tossing out web-site testing tools and adopting a SOA Testing Tool built ground-up for service testing is a better strategy that saves hours of test suite authoring for functional, performance, interoperability and vulnerability testing.

We do agree that the testing techniques need to be adjusted. One area of emphasis within SOA Testing is abstraction. Most likely, a modern SOA is built using web services with access to only a WSDL file and not the actual source code. This eliminates the ability to do White Box testing and restricts users to Blackbox or Gray Box testing. See for example: SOA Testing Tools for Black, White and Gray Box Testing.

Overall, David does a great job in bringing this discussion to everyones forethought - if quality and security are not addressed with a SOA deployment, the reuse of poor services are bound to proliferate and degrade the overall quality of a SOA.

Next Gen SOA Testing Tools: SOASOAPSonar 3.0

Crosscheck Networks recently released SOAPSonar 3.0 - the next generation of SOA Testing products with a broad array of new testing features and techniques tailored for SOA Developer, Testor and QA Professionals.

Enterprise ITPlanet Staff published a review of SOAPSonar 3.0 highlighting significant product areas and features.

http://products.enterpriseitplanet.com/security/security/1184252855.html

Web Application Security Testing - The father of SOA Security Testing

Watchfire, the maker of AppScan, a web application security testing with around $20M in annual revenue was acquired by IBM's Rational division for ~$100M. The exact price was not disclosed. Watchfire's competitor, SPI Dynamics, maker of WebInspect was subsequently acquired by HP. SPIDynamics had revenues of 18.5M for 2006 and was bought for ~$120M. Again the exact value of the deal was not disclosed.

What does this all mean for SOA Testing: The next logical step for HP and IBM is to extend web application testing into modern web services-based SOA testing. Although HP's acquisition of Mercury that had acquired Systinet, provides HP "SOA awareness," it makes startups like Crosscheck Networks, iTKO, and Mindreef prime candidates for a deeper relationship with such large vendors that are now poised to address SOA Testing.

SOA Magazine - On SOA Testing

Thomas Erl, a thought leader and specialist of everything SOA, author of Service-Oriented Architecture: A Field Guide to Integrating XML and Web Services" and "Service-Oriented Architecture: Concepts, Technology, and Design, " - both books international bestsellers, is the Site Editor and Series Editor for The SOA Magazine, a monthly online publication provided by SOA Systems Inc. and Prentice Hall/PearsonPTR and is officially associated with the "Prentice Hall Service-Oriented Computing Series from Thomas Erl."

Watch your SOA Blind Spots is published in the latest edition of The SOA Magazine. Web services testing techniques have been around for some time. However, with the increased utilization of Web services within service-oriented solutions, the demands and complexities placed on Web services are being taken to a new level. This is in sharp contrast to traditional RPC applications and integration architectures wherein the role of Web services was typically limited to point-to-point data exchanges. Now, Web services find themselves being reused across multiple service compositions and in the midst of dynamic and sophisticated runtime service activities and chains. This article raises a series of testing issues and provides recommended techniques and remedies for establishing robust Web services-based SOA implementations...

The SOA Magazine: http://www.soamag.com/default.asp

Watch your SOA Blind Spots: http://www.soamag.com/I8/0607-2.asp