It would be reassuring to just believe that all software works as is. Naïve? Sure. Unrealistic? Certainly. We all know that created software varies in quality, with Murphy’s Law (anything that can go wrong will go wrong) seeming to apply. The fact is that networks of independent testing exist in the non-software world, preventing chaos from reigning supreme.
There are two categories of testing in the non-software world: independent experts and crowd-sourced opinion. Crowd-sourced examples would be like TripAdvisor, Uber or Yelp, where one can view survey averages as well as read individual reviews. Independent testing expert such as a home inspector, health inspector or diamond authenticator. Sometimes the two even get mixed for a managed crowd solution of weighed reviews, such as Consumer Reports, MetaCritic or RottenTomatoes. All of these can help turn your semi-educated guess into a recommended reputable opinion.
These are all examples of independent testing, many of which use crowd-managed testing. While none of these testing methods is foolproof, they can all give you a level of quality assurance, a level of trust that you might not have otherwise. An informed consumer is a safe consumer.
Software is at the heart of many things we depend on every day. We have expectations every day as we use cell phones, medical devices, cars, airlines, online and in-store purchasing, bank accounts and voting machines. Potential software risks include blocked service, incorrect transactions, power loss, mathematical mistakes and data breaches.
Risks may range from the benign and trivial to the catastrophic and deadly. A syntax error, typo, mathematical mistake or temporary denial of service may be anywhere in this range. Part of it has to do with the amount of trust one must have in the item in question. Airplanes, self-driving cars, nuclear power plants and artificial hearts literally place people’s lives in their control.
Development and Operations are often focused on what’s been promised for delivery, specifically targeting functions and speed and throughput. But it is the software testers that are more focused on the rainy day scenarios and edge cases, the things that only seem to go wrong sometimes, under special conditions, or by structured attacks on security vulnerabilities. It may be an overlong entry or a reserved word or symbol that SQL may confuse a parser or SQL call. It may involve a permission specification that changed during development that wasn’t updated everywhere. It may involve a logic error that dodges an anticipated path.
Or it may involve a mobile device that processes or displays things a little differently than most other devices, caching unencrypted private data in a temporary file that is a little too accessible and visible to the outside world.
Software can be tested by the developers who write the code and are deeply connected to specs of what the code does and how it performs it, but are more focused on getting the product out the door than on software testing training. Software can be tested by in-house testers, who may be locked into the company’s tried and true but limited ways of software testing. Independent testing experts represent the broadest range of software testing abilities, which may or may not include managed crowd testing as a testing resource, especially where localization, cell phones and language are part of the testing equation.
