The purpose of an Internet, or Web-based application is to make a company message, or an on-line interaction, available to an audience external to or throughout the enterprise. Additionally, Web-based technology allows the implementation of a system with a thin client (the Web browser), while the complex hardware, application software, and data supporting the application remain centralized rather than distributed.

While many tools and techniques are common to both Internet and Intranet development environments, Intranet applications affect internal users only; so the issues encountered (configuration management, security, etc.) are similar to those encountered with other internal client server applications. Although some of what follows is relevant to both, the discussion relates primarily to Internet (i.e., external to the enterprise) development.

New business strategies are needed

In traditional mainframe and client server application development, the IT team works closely with business users to design the look and feel of an application – menus, data entry and retrieval processes, selections in pick lists or drop down boxes, etc. These business users are the proprietors of the application and are the experts in its operation. The level of user experience with hardware (e.g., mice) and mode of operation (e.g., heads down data entry) can be researched and the application can be developed towards those levels.

A Web-based application communicates directly with business or retail customers and potential customers, providing them with information and accepting their orders or other input. So the application must be useable without training, and must convey appropriate company images. As a result, its content and appearance are of vital concern to the enterprise as a whole, and sales, marketing, graphics design, legal and other company functions should take an active, ongoing, role in its development. Thus, the business environment is more complex than it is for traditional systems.

As complexity grows, requirements grow too. In particular, the number of Testable Requirements (TRs) grows. (TRs are requirements from which test cases can be written see "About Testable Requirements" on this site.)

All this presents the development team in general, and the test team in particular, with new challenges, not only in managing expectations and communicating progress for a wide spectrum of executives and professionals throughout the organization, but also in implementing new technologies. The way to meet these challenges is to employ traditional, proven, project management and testing standards and disciplines – tailoring those best practices to the new circumstances. This will provide an effective and controlled framework for development, testing, and the entire software development life cycle.

Operational issues have added importance

Because of the public availability of Web-based applications, it is difficult to project volumes and other causes of poor performance. Traditional short term strategies for dealing with unanticipated performance problems, such as limiting the system’s accessibility to a sub-set of intended users, may not be an option. The only alternatives may very well be to live with the poor performance and possible damage to the company image, or to shut down the site entirely (such as Encyclopedia Britannica did) – until technical enhancements can be made to overcome these difficulties. Web developers must anticipate variation in the operational environment by designing scalability into their hardware and applications, and testing efforts must use effective techniques and tools to simulate high-stress situations.

Another source of difficulty is that the many platforms and browsers available to the public are not fully compatible. This has significant implications for design and testing. The test strategy must cover as many browsers and platforms as possible, and those excluded should be specifically selected by the strategy, not by chance. Defensive coding of the application should also be employed so that users of old browsers are politely informed of their incompatibilities.

Finally security takes on increased importance. Web applications are directed towards audiences external to the companies that create them. As a result, the viewers’ motives and intentions are unknown and uncontrollable, making the dangers of unauthorized access, vandalism and sabotage greater than for other applications. Designers and testers have to put special emphasis on security during development, implementation, and most importantly throughout the entire life of the application.

Testing is still testing

From its early days, Web development has had an improvised “anyone can do it” aura, which may be adequate for simple informational sites but not for business applications with significant back-office processing, interfaces to other systems, and high visibility. For example, an ordering system that is not effectively integrated with inventory tracking and reporting components may not be acceptable. Moreover, improvised techniques, as opposed to traditional project management and testing disciplines, often lead to systems with unacceptably high defect rates; they may have to be rewritten several times before they meet requirements, or are ultimately abandoned and written off altogether.

Avoidance of such problems requires a solid development process that includes an integrated quality testing methodology. A requirements-based testing process effectively applied to Internet development projects provides vital risk reduction benefits, as it does in all other technical environments. Test scenarios and test cases must be derived from requirements, although the types of requirements and the emphasis across requirements differs for Web-based systems.

Because users are presented with so many choices, actions, and combinations of the two, Web-based development offers a promising arena for automated test tools. These can enhance productivity, and help ensure completeness and accuracy in test case development and execution. Also, it may not be practical to manually generate the amount of data needed to simulate high transaction or network volumes for stress testing.

New skills are also needed

• New tools New programming languages and other development tools are required to create Web applications, and testers as well as developers will have to quickly become familiar with these tools. New test tools may also be needed, especially for stress testing. The first step management will face is to identify the specific tools to be used. Then, if the staff’s skills do not match those required, the organization will have to choose an appropriate mix of training current employees, hiring new employees, and using consultants.
• New infrastructure Some of the software or hardware components of an Internet or Intranet infrastructure may also be new to the enterprise, and require acquisition of new systems, operations, and testing skills. These skills could include: