Improvement of Software Quality by Test Coverage and Risk Oriented Approach

Essien, Happiness Udo

06 November 2023

Software Quality is a key priority in any company involves with software development. Quality which can be describe as a distinguish feature of a software, has a high competitive advantage for most business organisations, especially during this turbulent time with the world battling pandemic. Software has grown and diversifies to ease our day to day life, therefore, the role of quality assurance activities has increase and become extremely important and complex. However, successful software which meets customer’s requirement and expectation depends on the quality of the software. In order to maintain the quality of their applications, several development industries have revised their quality procedure. DevOps and agile development have greatly improved the success rate of software projects with the introduction of test coverage measures. The purpose of this thesis is to implement existing test coverage metrics which are used for improving and measuring the quality of software in order to help reduce excess time consumption, overshooting of budget and maintain scope within requirement. The software quality metrics selected for this study is the ISO 9000 and the core focus area to implement this quality metrics is on unit test, integration test and acceptance test. For this requirement, a design workflow using a flowchart to get a clear description of the work process will be created, configuration of DevOps environment for the pipelines which combines continuous integration and continuous development (CI/CD) to test and build our code constantly and consistently with SonarCloud. Finally, configuration of TestProject for creating automated test script and automated acceptance test execution with automatic generation of test report as well as evaluating the quality of the software product based on the test execution and coverage result. The documentation for this implementation will contain all the steps necessary to configure the test coverage metrics. The metrics will be used to create unit tests, integration tests, and acceptance tests for web applications that run on a variety of browsers and versions, including Chrome Version 103.0.1264.37, Edge Version 103.0.5060.114, and Firefox Version 103.0.

info:eu-repo/classification/ddc/000

ddc:000

Software

Challenges of Implementing DevOps in Embedded Application Development

PULA, PAVAN KUMAR

January 2023

Background : Embedded system consists of both hardware and software. Boththese hardware and software development teams must be worked together to complete the project successfully, which requires a lot of communication among theteams. DevOps is an evolution of agile development that bridges communicationgap between teams. Since Embedded systems are not service-based, it isn’t easy toimplement DevOps. So there is a need to study what challenges are currently facedin implementing embedded application development. Objectives: The focus of this thesis was to gather the challenges and mitigationstrategies to overcome these challenges faced during the implementation of DevOpsin Embedded application development, along with mitigation strategies followed toovercome these challenges. Methods: In this thesis, surveys, and interviews were selected as research methods to identify challenges faced while implementing DevOps in embedded systemapplication development and mitigation strategies, and the survey was considered tocollect demographic questions. Results: A survey was conducted to identify embedded developers with experienceimplementing DevOps for Embedded Application Development. Out of 19 surveyresponses, 12 respondents were further interviewed for detailed information. Datacollected from the interviews are analyzed using thematic analysis and narrativeanalysis. Conclusions: From the analysis, the research concludes that continuous testingis the most challenging phase to implement. Continuous testing and continuous integration are the phases that need to be focused on more for the future implementationof DevOps

Embedded systems

DevOps in Embedded systems

CI/CD

Continous monitoring

Continuous Testing

Continous Deployment.

Software Engineering

Programvaruteknik

A Data-Driven Approach for Incident Handling in DevOps

Annadata, Lakshmi Ashritha

January 2023

Background: Maintaining system reliability and customer satisfaction in a DevOps environment requires effective incident management. In the modern day, due to increasing system complexity, several incidents occur daily. Incident prioritization and resolution are essential to manage these incidents and lessen their impact on business continuity. Prioritization of incidents, estimation of recovery time objective (RTO), and resolution times are traditionally subjective processes that rely more on the DevOps team’s competence. However, as the volume of incidents rises, it becomes increasingly challenging to handle them effectively.  Objectives: This thesis aims to develop an approach that prioritizes incidents and estimates the corresponding resolution times and RTO values leveraging machine learning. The objective is to provide an effective solution to streamline DevOps activities. To verify the performance of our solution, an evaluation is later carried out by the users in a large organization (Ericsson).  Methods: The methodology used for this thesis is design science methodology. It starts with the problem identification phase, where a rapid literature review is done to lay the groundwork for the development of the solution. Cross-Industry Standard Process for Data Mining (CRISP-DM) is carried out later in the development phase. In the evaluation phase, a static validation is carried out in a DevOps environment to collect user feedback on the tool’s usability and feasibility.  Results:  According to the results, the tool helps the DevOps team prioritize incidents and determine the resolution time and RTO. Based on the team’s feedback, 84% of participants agree that the tool is helpful, and 76% agree that the tool is easy to use and understand. The tool’s performance evaluation of the three metrics chosen for estimating the priority was accuracy 93%, Recall 78%, F1 score 87% on average for all four priority levels, and the BERT accuracy for estimating the resolution time range was 88%. Hence, we can expect the tool to help speed up the incident response’s efficiency and decrease the resolution time.  Conclusions: The tool’s validation and implementation indicate that it has the potential to increase the reliability of the system and the effectiveness of incident management in a DevOps setting. Prioritizing incidents and predicting resolution time ranges based on impact and urgency can enable the DevOps team to make well-informed decisions. Some of the future progression for the tool can be to investigate how to integrate it with other third-party DevOps tools and explore areas to provide guidelines to handle sensitive incident data. Another work could be to analyze the tool in a live project and obtain feedback.

Incident Handling

DevOps

Machine Learning

Prioritization

Topic Modeling

Software Engineering

Programvaruteknik

Investigate the benefits and challenges of adopting the DevOps culture

Taleb, Abdo

January 2022

Companies follow different approaches in the life cycle of software, but usually, activities are divided into different teams, the most important teams are the development team and the operations team. Often the goals of the operations team and the development team are different, which results in an escalating relationship between the two teams, and a conflict occurs between teams due to the blame of responsibility on each other, which in turn leads to long delivery periods and ineffective delivery methods. To solve these problems, the DevOps approach emerged, which is an acronym for the two words development and operations. This approach aims to align both the development team and the operations team and break the barriers between them by working as one team toward a single goal that shares everyone the responsibility. Thus, the speed of the program delivery process increases and the company provides better services to its customers. Since DevOps is a new approach and many companies tend to adopt this approach, this study aims to investigate the benefits of the DevOps approach and the challenges involved in adopting this approach. This study summarized that the adoption of DevOps approach has an impact on the companies in several aspects. The research presents the most important challenges that the DevOps attempts to overcome, DevOps tools that helps to achieve the value of DevOps, and the benefits of the DevOps approach.

DevOps

Development and Operations

Software development life cycle

SDLC

Software Engineering

Programvaruteknik

NLP-based Failure log Clustering to Enable Batch Log Processing in Industrial DevOps Setting

Homayouni, Ali

January 2022

The rapid development, updating, and maintenance of industrial software systems have increased the necessity for software artifact testing. Some medium and large industries are forced to automate the test analysis process due to the proliferation of test data. The examination of test results can be automated by grouping them into subsets comprised of comparable test outcomes and their batch analysis. In this instance, the first step is to identify a precise and reliable categorization mechanism based on structural similarities and error categories. In addition, since errors and the number of subgroups are not specified, a method that does not require prior knowledge of the target subsets should be implemented. Clustering is one of the appropriate methods for separating test results, given this description. This work presents an appropriate approach for grouping test results and accelerating the test analysis process by implementing multiple clustering algorithms (K-means, Agglomerative, DBSCAN, Fuzzy-c-means, and Spectral) on test results from industrial contexts and comparing their time and efficiency in outputs. The lack of organization and textual character of the test findings is one of the primary obstacles in this study, necessitating the implementation of feature selection methods. Consequently, this study employs three distinct approaches to feature selection (TF-IDF, FastText, and Bert). This research was conducted by implementing a series of trials in a controlled and isolated environment, with the assistance of Westermo Technologies AB's test process results, as part of the AIDOaRT Project, in order to establish an acceptable way for clustering industrial test results. The conclusion of this thesis shows that K-means and Agglomerative yield the highest performance and evaluation scores; however, the K-means is superior in terms of execution time and speed. In addition, by organizing a Focus Group meeting to qualitatively examine the results from the perspective of engineers and experts, it can be determined that, from their perspective, clustering results increases the speed of test analysis and decreases the review workload.

natural language processing

failure clustering

nightly testing

industrial devops

Computer Engineering

Datorteknik

Examining the Effect of DevOps Adoption capability on organizational agility

Burrell, Iris Shendell

January 2018

The purpose of this research is to investigate the effect of DevOps adoption on organizational agility. The first chapter establishes through literature review and a pilot study, a theoretical definition of DevOps and identifies through survey data, the key DevOps adoption capabilities. The definition and key capabilities identified during the pilot study establishes the foundation through which a subsequent study is performed. The second chapter details an examination of the effects of DevOps adoption capability on organizational agility. Through capability theory, we propose that DevOps adoption capability positively affects organizational agility. We also propose that the capabilities of collaboration/communication, continuous monitoring, measurement and automation positively affect DevOps adoption capability and likewise; the capabilities of responsiveness, competency, flexibility, and quickness affect organizational agility capability. We test our model with survey data collected from 333 respondents and find that our hypotheses are supported and that DevOps adoption capability has a positive effect on organizational agility capability. / Business Administration/Management Information Systems

Information Technology

Business Administration

Computer Science

Agile

Capability Theory

Development Operations

Devops

Dynamic Capability

Organizational Agility

Teaching software testing in a modern development environment / Lära ut mjukvarutestning i en modern utvecklingsmiljö

Gawell, Anders, Kallin, Anton

January 2019

All developers understand the benefits of testing their code to ensure its functionality. Today’s market is moving further towards design principles where testing is a central or driving force during development. This puts a certain pressure on academia to supply these skills to their students.Recently the course II1302 Projects and project methods at the Royal Institute of Technology in Kista made a concerted effort to introduce the students of the course to these modern concepts. This thesis investigates how areas of testing can effectively be introduced to the students in the course, utilizing a tailored example that takes the area of testing into particular consideration and how to automate it via DevOps-tools provided by a cloud-based service. Further, it also makes an attempt to provide additional material to be used for teaching testing in conjunction with the example provided.The case study covers the development of an example application, meant to mirror a typical student project. It also covers how this was used for teaching the students about the testing areas considered. The covered testing areas include unit testing, integration testing and UI testing. With these given testing areas, the application and an associated learning module was developed for each area in question. Relevant standards, strategies and approaches was also identified for each of these areas.The thesis also presents important properties to take into consideration when developing similar examples in the future, based on the experiences obtained during the study. These include needs such as understandable by inexperienced students, applicability outside the course, adherence to established standards, tools that are simple to use and an architectural structure that allows for testing.Some improvements are also recommended: the students would benefit from learning software testing from an early stage of their studies. The content of the learning modules should also be brought to the students earlier in the course, so it can be applied in their projects at an early stage as well.Further research is also recommended to evaluate the suitability of using other cloud-based environments instead, and to evaluate the applicability of the learning modules for students of varying disabilities. / Alla utvecklare förstår fördelarna med att testa kod för att garantera dess funktionalitet. Dagens industri går i en riktning där testning spelar en central del av design under utveckling av mjukvara. Denna tendens lägger en viss press på högskolan att lära ut dessa erfarenheter till dess studenter.På senare tid har kursen II1302 Projekt och projektmetoder på Kungliga Tekniska Högskolan i Kista tagit en stor ansats för att introducera sina studenter inför dessa moderna koncept. Denna uppsats undersöker hur testningsområdet effektivt kan introduceras till studenterna inom denna kurs, genom att utnyttja ett egengjort exempel som har området i fokus, samt att automatisera detta via DevOps-verktyg tillhandahållna av molnbaserade tjänster. Dessutom görs även en ansats för att tilldela ytterligare material som kan användas för att lära ut testning av mjukvara i samband med det givna exemplet.Fallstudien omfattar utvecklingen av en exempelapplikation, som var avsedd att likna ett typiskt studentprojekt. Den täcker även hur denna användes för att lära ut de betraktade testningsområdena till studenterna. De täckta områdena av testning inkluderar enhetstestning, integrationstestning och testning av användargränssnitt. Med dessa givna testningsområden utvecklades både applikationen och dess associerade lärmoduler för vardera testningområde i fråga. Relevanta standarder, strategier och metoder var också identifierade för vardera av dessa områden.Denna uppsats presenterar även ett antal viktiga egenskaper att hålla i åtanke vid utveckling av liknande exempel i framtiden, baserat på erfarenheterna från studien. Detta inkluderar behov som tillgänglighet för mindre erfarna studenter, applicerbarhet utanför själva kursen, tillämpning av etablerade standarder, utnyttjande av lättanvända verktyg och en arkitektur som tillåter testning.Några förbättringar föreslås även: studenterna skulle gynnas av att lära sig om mjukvarutestning i ett tidigt skede av sina studier. Innehållet i lärmodulerna bör även presenteras för studenterna tidigare i kursen för att kunna appliceras i deras projekt.Ytterligare forskning rekommenderas även för att utvärdera andra lämpliga molnbaserade miljöer, samt för att utvärdera tillämpbarheten av lärmodulerna hos studenter med inlärningssvårigheter.

Teaching

DevOps

Test automation

Node.js

Unit testing

Integration testing

UI testing

Continuous Delivery

Continuous Integration

Student project

Cloud services.

Undervisning

DevOps

testautomatisering

Node.js

enhetstesting

integrationstestning

UI-testning

Continuous Delivery

Continuous Integration

studentprojekt

molntjänster.

Computer and Information Sciences

Data- och informationsvetenskap

Evaluating the Performance and Capabilities of Popular Android Mobile Application Testing Automation Frameworks in Agile/ DevOps Environment

Baktha, Kishore

January 2020

The number of mobile applications has increased tremendously over the last decade, thereby also having increased the importance of mobile application testing. Testing is a very crucial process in the development of a mobile application to ensure reliability and proper functionality. In an Agile/DevOps environment, test automation is an integral part in order to support the continuous integration and continuous delivery/deployment principle. There is a plethora of mobile application testing automation frameworks available in the market today. Android testing frameworks were chosen for this study because of the prevalence of Android applications in the market today. The focus of this study is the comparison of the most popular mobile application testing automation frameworks in terms of performance and capabilities in an Agile/DevOps environment. In order to achieve this, firstly, the three most popular mobile application testing automation frameworks to be used for the study were identified. Secondly, the Key Performance Indicators and capabilities to be used for comparison of the frameworks were identified. Then, test cases in a complex mobile application were designed for analysing the frameworks based on the criteria gathered. Finally, the test cases were integrated in a Continuous Integration/ Continuous Delivery pipeline to gather results and perform a more detailed comparison in an Agile/DevOps environment. From this study, Espresso turned out to be the best framework in terms of KPI analysed beating the other frameworks in all the KPIs, while Robotium was second best followed by Appium. But on the other hand, Appium was the best framework in terms of capabilities by having ability to execute the maximum number of capabilities analysed followed by Robotium while Espresso was the worst framework in this criteria. / Antalet mobilapplikationer har ökat enormt under det senaste decenniet och därmed har även vikten av mobilapplikationstest ökat. Testning är en mycket viktig process i utvecklingen av en mobilapplikation för att säkerställa tillförlitlighet och korrekt funktionalitet. I en Agile/DevOps miljö är testautomation en viktig del för att stödja principen av kontinuerlig integration och kontinuerlig leverans/driftsättning. Det finns en mängd ramverk för automatiserad testning av mobilapplikationer på marknaden idag. Testramverk för Android valdes för denna studie på grund av utbredningen av Android-applikationer på marknaden idag. Fokus för denna studie är jämförelsen av de mest populära automatiserade testramverk för mobilapplikationer med avseende på prestanda och lämplighet i en Agile/DevOps miljö. För att uppnå detta, identifierades först de tre mest populära automatiserade testramverk för mobilapplikationer som skulle användas för studien. Sedan identifierades de viktigaste resultatindikatorerna och kapaciteterna som skulle användas för att jämföra ramverken. Därefter designades testfall i en komplex mobilapplikation för att analysera ramverken baserat på de bestämda kriterierna. Slutligen integrerades testfallen i en pipeline för kontinuerlig integration /kontinuerlig leverans för att samla resultat och utföra en mer detaljerad jämförelse i en Agile/DevOps miljö. Från denna studie visade sig Espresso vara det bästa ramverket när det gäller KPI-analys, som slog de andra ramarna i alla KPI: er, medan Robotium var näst bäst följt av Appium. Men å andra sidan var Appium det bästa ramverket med avseende på kapacitet. Den hade förmågan att utföra det maximala antalet kapacitet som analyserades, följt av Robotium medan Espresso var det sämsta ramverket i dessa kriterier.

Mobile Applications

Agile/DevOps

Key Performance Indicators

Espresso

Appium

Robotium

Mobilapplikationer

Agile/DevOps

Viktiga Resultatindikatorer

Espresso

Appium

Robotium

Computer and Information Sciences

Data- och informationsvetenskap

Security Tools in DevSecOps : A Systematic Literature Review / Säkerhetsverktyg i DevSecOps : En systematisk litteraturöversikt

Martelleur, Joel, Hamza, Amina

January 2022

DevSecOps emerged to mitigate the challenges of integrating security into DevOps. DevOps have grown tremendously, leading to difficulties in integrating security tools in its development process while maintaining speed and agility. This study aims to investigate the security tools in DevSecOps and how they have been reported in previous literature. The main objective of this study is to provide a knowledge base concerning security tools in DevSecOps that can be used to mitigate challenges regarding the selection and use of security tools in the context of DevSecOps. A systematic literature review was adopted for the research. The study collected a total of  228 studies published between 2015 and 2022; fourteen of these papers were selected to be used for data extraction after conducting a thorough review protocol. This study has identified thirteen security tool categories used or recommended to be used in DevSecOps. These tools have been structured into seven phases of the development process and five security practices. Additionally, this study has identified twelve drawbacks and sixteen recommendations concerning the use of these security tools in DevSecOps.  The security tools categories, recommendations, and drawbacks identified in this study could potentially be used to facilitate the challenges of selecting and using security tools in DevSecOps and similar methodologies that rely on automation and delivering software frequently.

DevSecOps

DevOps

Security Tools

SDLC phases

Shift Security to the Left

Continuous Security

Automation

Systematic Literature Review

DevSecOps

DevOps

Säkerhetsverktyg

SDLC-faser

Skift säkerhet till vänster

Kontinuerlig säkerhet

Automation

Systematisk litteraturgranskning

Övrig annan teknik

Performance comparison and assessment of GitHub Actions and Jenkins

Jamshidi, Sarfaraz, Iminov, Ichtiar

January 2022

There is a great demand for fast deliveries of improved and updated software in different software development areas, like Internet of Things, web, and cloud, in today’s digitalized world. Software developers and organizations must adapt to be able to deliver according to customers’ wishes, to be able to retain them, and remain competitive with other organizations. Continuous integration and continuous delivery (CI/CD) are methods used within the software development world, allowing developers to automate parts of their work to develop and deliver software faster and with better quality. Tools used for CI/CD come with different benefits and performances making it difficult for developers to choose a tool. There are numerous tools to choose from, and there is a lack of performance comparisons of them. This thesis aims to give developers a performance comparison between the two well-known CI/CD tools, GitHub Actions and Jenkins, to facilitate their choice of a CI/CD tool. The research was qualitative, inductive, and comparative. A literature study and practical tests were conducted to study the performance differences between the two wellknown CI/CD tools, GitHub Actions and Jenkins. The literature study was conducted f irst and gave the necessary knowledge to perform the practical tests, and the practical tests gave the actual results. The practical tests were performed on two different software projects ,and two different tests per projec, per server were conducted. The results from both projects indicated apparent differences in performance between GitHub Actions and Jenkins, as Jenkins ran faster than GitHub Actions while running on a Windows server, and GitHub Actions ran faster than Jenkins while running on an Ubuntu server. These findings indicate that the two well-known CI/CD tools perform differently depending on the server the developers would use these tools. It can not be concluded that one of the tools has better performance than the other; instead, one tool has better performance depending on the operating system the tool is running on. If the developers were to use the tools on an Ubuntu server, GitHub Actions would be the preferred tool, and if they were to use the tool on a Windows server, Jenkins would be the preferred tool. / Det finns en stor efterfrågan på snabba leveranser av förbättrad och uppdaterad mjukvara i olika mjukvaruutvecklings områden så som Sakernas Internet, webb och moln i dagens digitaliserade värld. Mjukvaruutvecklare och organisationer måste anpassa sig för att kunna leverera till kundernas önskemål för att kunna behålla dom och förbli konkurrenskraftiga med andra organisationer. Kontinuerlig integration och kontinuerlig leverans (CI/CD) är metoder som används inom mjukvaruutvecklings världen, så att utvecklare kan automatisera delar av sitt arbete för att utveckla och leverera mjukvara snabbare och med bättre kvalité. Verktyg som används för CI/CD kommer med olika fördelar och prestanda som gör det svårt för utvecklare att välja ett verktyg. Det finns många verktyg att välja mellan och det finns en brist på prestandajämförelser av dem. Detta examensarbete syftar till att ge utvecklare en prestandajämförelse mellan de två välkända CI/CD-verktygen GitHub Actions och Jenkins, för att underlätta utvecklarens val av ett CI/CD-verktyg. En kvalitativ, induktiv och komparativ forskningsmetod användes för att genomföra denna studie. En litteraturstudie och praktiska tester genomfördes för att studera prestandaskillnader mellan de två välkända CI/CD-verktygen GitHub Actions och Jenkins. Litteraturstudien genomfördes först och gav författarna nödvändiga kunskap för att utföra dem praktiska testerna, dem praktiska testerna gav de faktiska resultaten. Praktiska testerna utfördes på två olika mjukvaruprojekt och två olika tester per projekt, en per server genomfördes. Resultaten från båda projekten visade på uppenbara skillnader i prestanda mellan GitHub Actions och Jenkins. Då Jenkins kördes snabbare än GitHub Actions när körningen kördes på en Windows server och GitHub Actions kördes snabbare än Jenkins när de kördes på en Ubuntu server. Dessa resultat tyder på att de två välkända CI/CD-verktygen fungerar olika beroende på vilken server utvecklarna skulle använda dessa verktyg på. Det går inte att dra slutsatsen att ett verktyg är bättre över det andra, i stället har ett verktyg bättre prestanda beroende på vilket operativ system verktyget körs på. Om utvecklarna skulle använda verktygen på en Ubuntu server skulle GitHub Actions vara det föredragna verktyget och om utvecklarna skulle använda verktyget på en Window server skulle Jenkins vara det föredragna verktyget.

CI/CD

Performance

GitHub Actions

Jenkins

Development and Operations (DevOps)

CI/CD

Prestanda

GitHub Actions

Jenkins

Development and Operations (DevOps)

Computer Engineering

Datorteknik