Did you know that…

There’s a Hole in Your Software,
Delilah!

Kraysis, one of Pakistan’s few SQA Companies talks about the why, what and how your software or network could be vulnerable and When it is critical to debug it during the development lifecycle.
There are multiple models you can follow for the development of your software or product. However regardless of the methodology you follow, the moment of truth for any project is the test phase. And testing means you stick the software in an unaccompanied seat on a wild rollercoaster, press a whole bunch of buttons and watch the show. This assessment of whether or not your brainchild can survive the test under the most challenging circumstances is called

Software Quality Assurance.
Software Quality Assurance, or SQA, is a means of monitoring the software engineering processes and methods used to ensure quality. It does this by means of audits of the quality management system under which the software system is created. Is the application complete? If you are going to have upgrades for it at a later stage, how will people update the portion of the code that needs to be updated? Will the software make the network or system it is installed in, vulnerable? Will it work on multiple platforms? The list is an endless one, which is why there are people who dedicate their businesses to providing SQA services.
pakistan actually only has a handful of companies that do SQA, but if more products are to be developed, then we’re going to need a lot more companies to help with the quality assurance.

Jamil Goheer, CEO of Kraysis explains, “SQA is as important as making sure that you don’t get sick. If you get regular checkups, you decrease the possibility of having a disease and also increase the possibility of having a problem diagnosed early on.”

When companies don’t make SQA as a part of their development cycle, explains Jamil, they are more vulnerable to project failure. “With proper QA processes in place, you ensure that the project is followed the way client wants it done. If not, you might have to redo the entire project, leaving the client to be the sole judge of the software developed.”

SQA is an ongoing process. Whether you choose to outsource the process or conduct it in-house, testing and debugging has to be done in an ongoing fashion. “By testing and compiling on a frequent basis, there is an 80% chance that you will have minimal problems at the completion of your project,” explains Jamil. Millions of lines of programming and it makes sense that you shouldn’t have to go through the entire project in one go, if you can avoid it.

“Actually if you don’t have a Quality Assurance process in place, what you end up doing at the very end is firefighting the problems with patches and quick fixes, rather than fixing the root cause of the problems.” Kraysis believes that once they test an application, there is a 95% chance of it’s  stable performance. In fact, software which has been tested by the company thus far, has never crashed or had a functionality breakdown. “This is just because we work on the nitty gritty and document everything so we have recovery points to refer back to.”

In the short time that Kraysis has been around, it has already made its mark. They have worked with companies such as Naseeb Networks, PalmChip, FSD Solutions within Pakistan and Microsoft, AVG, IOLO and Ezwim in the global marketplace.

There is a great deal of demand for software development at the present time, however there seems to be an inherent flaw in the environment. “Companies always assume that QA is an added cost. But it’s not about the added cost, it is only a cost-reduction process. If you don’t invest in QA at the beginning, you will end up investing more later on or even worse, the project may fail completely,” explains Jamil.

But doesn’t everyone think they’re the expert? So a company that develops a comprehensive, complex solution can surely appreciate the QA process. “Well, that’s a whole different issue. Actually, the people who are technically good, are usually the ones who don’t think about the QA resource. In fact, they assume that a QA engineer is one who couldn’t be a software engineer. This, in my opinion, is the single most serious issue which discourages good people from joining departments. If we want to raise the quality of our products, we need to change this perception.”
Kraysis is one of those companies who inspiring a change in this mindset by ‘walking the walk’. “Students from NUST and FAST want to join us.” And why shouldn’t they? They are a company who proposed a solution to a pertinent problem in the local market.

QA, says Jamil, is a part of the process. It’s not an activity done in isolation. Once the changes are made, they have to go through the QA process again in order to become ‘live’. “Too many times, I have seen companies not paying attention to this vital action item, hence causing their live running products to crash. QA should be an ongoing process being performed as many number of times the changes are made.” The two words key in this process seem so to be ‘simultaneous’ and ‘repeat’.

The Process
Kraysis tests for vulnerabilities in various areas:

. Functional: If the product performing it’s   intended function?
. Performance: Is the product or application  scalable? What are its limitations?
. Security: How stable and secure is the  application?
. Usability: How user-friendly is it?
. Code-Review: Is the code properly documented?     Are there any memory leaks?
. Cross Browser/OS: Is it platform or browser     independent or optimized for specifics?

“To achieve all this, we first conduct a ‘domain gathering’ session with the client.” This helps Kraysis gain an insight into what the product or service is intended for. “We then conduct an ‘exploratory’ testing and see how the application is ‘actually’ behaving. Once we have this information , we develop something known as a ‘Scenario Matrix’ document where we detail out all the scenarios in the testing process.” With this information in hand, the SQA experts develop ‘Test Plan’ document. Once this is approved by the client, they ‘execute’ the tests and report the bugs using web-based bug reporting tool.

“What you really need to is an independent assessment of your work. The value we give you is so much more considering we have worked across so many domains. This experience helps us to understand the intricacies of how best a software or GUI should be approached.”

While Kraysis works with a number of international clients, they encourage local companies to engage in the QA process. “We want to do business with local companies and  also want to help them grow. We completely appreciate the fact that these companies may not be able to afford complete QA departments for which reason we provide them the benefit of the experiences we gain through our portfolio.”

For more details, please visit the company
at kraysis.com