[5-2-2011] Presentation I gave at Egineering World 2011 in Zeist, NL.

1. Ewald Roodenrijs (@ewaldroodenrijs) Sogeti TESTING WITH THE CLOUD ENGINEERING WORLD 2011

3. Problems in Software Testing

4. Costreduction

5. Flexibility

6. Compliance

7. Cloud-EnabledTesting Services

8. Issues

9. Experience

10. Do’s

11. Don’tsBX525WD

12. The Cloud Era

13. The Cloud Era

14. “ Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models. ” Source: NIST, 2009a

15. CLOUD COMPUTING VIRTUALIZATION STANDARDIZATION + INTERNET + STANDARDIZATION = + AUTOMATION Cloud definition (mine)

16. CLOUD COMPUTING VIRTUALIZATION STANDARDIZATION + INTERNET + STANDARDIZATION Reduced Cost = + AUTOMATION Cloud definition (mine)

17. CLOUD COMPUTING VIRTUALIZATION STANDARDIZATION + INTERNET + STANDARDIZATION V.I.S.A. = + AUTOMATION Cloud definition (mine)

18. Focus on IT infrastructure Outlook – Short term

19. Outlook – Near term Shift to IT services

20. Outlook – Long term Cloud as a business model

21. LOW RESULT Problems DELAY ERRORS QUALITY INFLEXIBLE HIGHER RISKS RISING COSTS

22. CapEx to OpEx Costs Utility pricing: Pay-as-you-go Reduction in cycle time Effective utilization of investments

23. Disparate teams Flexibility Empowering project teams Ability to grow and shrink

24. Traceability Quality driven approach Compliancy is a given Auditable provisioning

25. But how?

26. Cloud-Enabled Testing Services

27. Cloud-enabled

28. Cloud-enabled

29. Acceptance Test Development Production DTAP

30. Test Infrastructure in the Cloud

31. Community Cloud Internet Internet Internet Internet Public Cloud Public Cloud Public Cloud Private Cloud Private Cloud Private Cloud Public Cloud Private Cloud Hybrid Cloud Hybrid Cloud Deploymentmodels Organization Organization Organization Organization

32. Public Cloud Available to the general public Owned by an organization selling Cloud services

33. Deploy a Service with a few mouse clicks Rational Team Concert running in 5 minutes Step 1 Step 2 Step 3 Click and Choose the Service you need Choose the hardware and usage configuration Application provisioned and ready to run

34. Private Cloud Solely for an organization On premise or off premise

35. Hybrid Cloud Composed of two or more Clouds Offer data and applications, but separate

36. Composed of two or more Clouds Form a community of organizations Community Cloud

37. Cloud-enabled

38. Implement ‘desktop’ solutions Short deployment time (minutes vs. months) Test Tools as a Service Available through the Internet Always the latest versions and updates

39. Maintenance Costs Break Even ROI Months

40. Cloud-enabled

41. c-STaaS Testing Tool Kit High Level Services Offered Test Tool Infrastructure Ownership Testing Tool Administration License Management Tools Support & Technical Query resolutions

42. Any issues?

43. Data segregation

44. Test data Laws & Legislation Work processes Test object storage

45. Test data Laws & Legislation Work processes Test object storage

46. Test data Laws & Legislation Work processes Test object storage

47. Test data Laws & Legislation Work processes Test object storage

48. “Trust is always earned, never given” R. Williams Security

49. Logging challenges Data ownership issues Security of virtual OS’s in the Cloud Multi-tenancy Data dispersal and international privacy laws Encryption needs Need for isolation management Dependence of secure hypervisors EU DPD and US Safe Harbor program Exposure of data to foreign government Attraction to hackers Quality of service guarantees Security Risk mitigation Possibility of massive outages Basel II Trust

50. Private Public External De-perimeterised Internal Perimeterised Open Proprietary Source: The Jericho Forum: https://www.opengroup.org/jericho/index.htm Cloud SecurityCube

51. Security measures Public Cloud Virtual machine isolation Security group support SSH, HTTPS for management Web identity management Audit history report VPN connection

52. Experience

53. Virtualize to bescalable

54. Test architecture blueprint

55. Catalyze IT modernization Improve internal IT services maturity Application consolidation Portfolio rationalization Standardize

56. “Any customer can have a car painted any colour that he wants so long as it is black” Henry Ford Standardize

57. Technicalknowledge

58. Legacysystems

59. Test data is confidential data Public Cloud = Public Domain ‘Killers’ Remain in control of the hosted data’s security

60. The Future – Test the cloud

61. Conclusion