Before embarking on a project, first and foremost, the ideas and product direction must be clearly defined. If the initial idea is poorly tested or the core values are not seen through, the project will inevitably have problems with the wrong values; from there, the later phases and sometimes the final result will be hindered. To avoid this situation, we should use the Proof of Concept method (POC) in software development – a term that is well-known, but no less important. Even if the proof of concept does not produce a product, it provides certain visions and estimations of the project’s pros and cons; this way we can find clear solutions that the team can go in the right direction, with the right spirit and the right product style.

In the following topic on Proof of Concept, Brugu Software solutions shows you the importance of Proof of Concept and outlines 5 critical factors for success.

What is a proof of concept in software development?

In the context of custom software development, a proof of concept is the validation of a functional or non-functional aspect of an information system or part of it, either by the technical domain or by the user domain.

For example, one could say that acceptance tests are a special kind of proof of concept.

Proof of Concept Example.

During the establishment and implementation of the project, the proof of concept was highly appreciated and played an indispensable role. Thanks to the Proof of Concept guide, project managers can identify suspicious factors and potential risks that may hinder the success of the project. The proof of concept helps both the client and the development team to agree on the value and general direction of the project; on the other hand, it helps the developers to find ways to execute the project in order to achieve the highest efficiency.

At Brugu, we will take an example of a good proof of concept, with thorough steps we take to create a successful proof of concept for our software product:

Step 1: Define customer requirements

The first and also the most important step is to clearly define the customer’s requirements. Identifying the client’s requirements helps us understand the feasibility of the project, the nature of the project, and at the same time understand the capabilities of our human resources, which allows us to identify and select the suitability of personnel for the project.

Step 2: Action planning

Next, the development team will analyze and consider the specific project requirements, establishing specific scenarios, timelines, and guidelines, as well as selecting the appropriate personnel to execute the project. Each phase of the implementation, each step will be streamlined with the time of the client and the development team.

Step 3: Implementation

Based on the established action plan, the project is implemented in a 6-step loop to ensure effectiveness.

With the implementation, a new process begins, where the customer requirements are thoroughly analyzed once again, and then proceeds to the Design step. Then the product is shaped and developed with the development, preliminary completion and testing step. In this step, the testers will carefully check the product and find out the defective points so that the developers can detect them and correct them accordingly. In the fifth stage, the product is almost completed and will be deployed soon. Developers conduct product testing with customers and move to the sixth phase – reviewing, listening to customer feedback and editing to satisfy customers and complete the products.

Step 4: Delivery

The product is now fully completed according to the requirements and spirit of the customers. We carry out the delivery of the product, and at the same time provide general information about the use of the product and some necessary information to ensure the smooth operation of the product.

Therefore,It can be considered a useful tool in the development process. However, it is appropriate to appropriately manage expectations and goals in the current context of the project and the information system, i.e., what should be validated? What are the minimum thresholds required? Does the validation meet qualitative, quantitative, or both criteria? What are the consequences if they are not met? Are the thresholds well calibrated in terms of impact on the current state of the project and the current phase of its life cycle? Who will participate in proofs of a concept and know in advance which aspects will not perform as expected?

Test levels

In a formal testing process, test levels are often very easily confused with test types, and although they are closely related, they have different connotations in the process. For better understanding, let us start from the fact that testing can be performed at any point of the software development process, and here testing levels allow us to understand the different aspects or phases in which certain tests can be performed. For this reason, it is common to refer to testing levels or try to classify them as developer testing, functional testing, and end user testing.

However, the appropriate terminology for the various levels corresponds to the following four (4) classifications: Unit Testing, Integration Testing, System Testing, and Acceptance Testing. Different types of testing may be performed at each of these test levels, such as functional, non-functional, architectural, and related product modification.

Here is a brief description of each level of evidence:

Unit or component tests: these types of tests are usually performed by the development team. They consist of the execution of activities that allow the developer to verify that the unit components are coded under robust conditions, i.e., that they support the input of erroneous or unexpected data and thus have the ability to handle errors in a controlled manner. In addition, tests of unitary components are usually referred to as module tests or class tests, although the convention established by the programming language influences the term to be used. Finally, it is important that the entire functionality of each unitary component is covered by at least two test cases, which should focus on testing at least one positive and one opposite property

Integration tests: they are also performed by the development team and consist of checking those elements of the software that interact with each other and function correctly.

System testing: this type of test should ideally be performed by a test team outside the development team, a good practice on this point corresponds to outsourcing this responsibility. The role of this entity is to perform testing activities that must verify that the overall functionality of a system has been implemented according to the specification documents defined in the project. The test cases to be designed at this test level must cover the functional and non-functional aspects of the system. To design test cases at this level, the team must use deliverable test bases, such as original requirements, use cases, user stories, blueprints, technical manuals, and end-user guides, etc.

Acceptance testing: regardless of the fact that the testing process has been outsourced and that the company responsible for these activities has issued a quality certificate for the system under test. It is essential that the customer designates personnel involved in the business processes for performing acceptance testing; in fact, it is recommended that the end users involved in this process be independent of the personnel who supported the development process. When the acceptance tests are performed in facilities or environments provided by the developer, they are called alpha tests; when they are performed in the customer’s infrastructure, they are called beta tests. In cases where the acceptance tests of the product were performed in the vendor’s environment.

On the other hand, the security of a system or application does not depend on the use of SSL protocols, firewalls, or compliance with a standard ISO 27000. Nor is the form of security testing (penetration testing) at the end of the software development cycle sufficient. Security is a factor that must be considered at every stage of development, as the production of software is a process in which it is necessary to continuously identify and correct vulnerabilities.

So the key is in the following question;

Do we build secure software?

On our website, we suggest the following tools to help develop secure software:

Checkmarx, a source code tool for security analysis, can be integrated with the most popular SW development environments (Eclipse, MS -Visual Studio, Jira, Jenkins …) and makes programmers aware of the vulnerabilities they put in their code.

Blackduck, a tool for analyzing the security, licensing, and operation of third-party open source libraries used in the developments themselves. Also integrates with common development environments.

In contrast, a security analysis tool for the running application based on IAST (Interactive Application Security Testing), or as it is also called, gray-box testing.

We help our clients implement the Secure SW Life Cycle, an essential practice:

  1. Analyzing the situation of the SW processes and the SW development tools used.
  2. Proposing the most appropriate security tools in each case.
  3. Performing concept tests for the proposed tools and their use in the customer processes validity.
  4. Training and support of development engineers.

From a practical standpoint, the number of ways to exhaustively test a system is simply unmanageable; it is then necessary to use appropriate techniques to maximize the number of significant bugs found with the resources allocated. Any method used to detect bugs leaves a residue of more subtle anomalies against which the technique is ineffective.

Software testing therefore implies the use of appropriate techniques and tools within a well-defined process determined by the nature of the software development projects one is dealing with.

Leave a Reply