| Part of a series on |
| Software development |
|---|
Paradigms and models |
Standards and bodies of knowledge |
Development testing is asoftware development process that involves synchronized application of a broad spectrum ofdefect prevention and detection strategies in order to reduce software development risks, time, and costs.
Depending on the organization's expectations for software development, development testing might includestatic code analysis,data flow analysis,metrics analysis,peer code reviews,unit testing,code coverage analysis,traceability, and other software verification practices.
Development testing is performed by the software developer or engineer during theconstruction phase of thesoftware development lifecycle.[1]
Rather than replace traditionalQA focuses, it augments it.[2] Development testing aims to eliminate construction errors before code is promoted to QA; this strategy is intended to increase the quality of the resulting software as well as the efficiency of the overall development and QA process.[3]
Development testing is applied for the following main purposes:
VDC research reports that the standardized implementation of development testing processes within an overarching standardized process not only improves software quality (by aligning development activities with proven best practices) but also increases project predictability.[4] voke research reports that development testing makes software more predictable, traceable, visible, and transparent throughout the software development lifecycle.[2]
In each of the above applications, development testing starts by defining policies that express the organization's expectations forreliability, security, performance, and regulatory compliance. Then, after the team is trained on these policies, development testing practices are implemented to align software development activities with these policies.[5] These development testing practices include:
The emphasis on applying a broad spectrum of defect prevention and defect detection practices is based on the premise that different development testing techniques are tuned to expose different types of defects at different points in the software development lifecycle, so applying multiple techniques in concert decreases the risk of defects slipping through the cracks.[3] The importance of applying broad set of practices is confirmed by Boehm and Basili in the often-referenced "Software Defect Reduction Top 10 List."[7]
The term "development testing" has occasionally been used to describe the application of static analysis tools. Numerous industry leaders have taken issue with this conflation because static analysis is not technically testing; even static analysis that "covers" every line of code is incapable ofvalidating that the code does what it is supposed to do—or of exposing certain types of defects orsecurity vulnerabilities that manifest themselves only as software is dynamically executed.Although many warn that static analysis alone should not be considered a silver bullet or panacea, most industry experts agree that static analysis is a proven method for eliminating many security, reliability, and performance defects. In other words, while static analysis is not the same as development testing, it is commonly considered a component of development testing.[8][9]
In addition to various implementations of static analysis, such asflow analysis, and unit testing, development testing also includes peer code review as a primary quality activity. Code review is widely considered one of the most effective defect detection and prevention methods in software development.[10]