Date: 24 September 2018
The influence of the Internet of Things (IoT)
Ultimately, the IoT will force organisations to change from passively monitoring their customers and users to proactively engage them and gaining insights about their behaviour to ensure their products and services remain relevant. The future of IT will be defined by its focus on improving customer service and delivering a fully integrated and automated user experience. Software will be developed based on human behaviour and will be explicitly designed to enhance our experiences or speed up the delivery of these improved experiences.
The technology landscape for IoT will generate an explosion of integration testing, but this will be more than just a website or eService, some middleware and a back-end database. Gartner estimates that there will be 50 billion connected devices by 2020. Many think this is a conservative estimate.
Testing will have to include a continuous stream of new devices coming online and deal with a significant variety of devices and ‘things’, as well as factoring in a vast array of connectivity methods. To help a business respond to changes in the market, we will need to extend the ‘shift left’ paradigm to ensure we can deliver continuous testing to enable automated deployment to multiple devices and ‘things’. This means we will do more testing of the messaging layer and API testing covering functionality, reliability and security. This will shift our focus beyond the traditional GUI testing and we should expect to see a growth in demand for non-GUI testing.
Impact on Testing
IoT will create a convergence where the physical and digital elements merge into one. The result will be an incredibly complex environment based on multiple programming languages, operating systems and machine languages. Interacting with these will be varying messaging and translation standards and multiple data formats for a huge array of devices.
The convergence of the physical and digital will pave the way for increased investment in Virtual and Augmented Reality and the use of this technology for testing will enable organisations to create fast and cost-effective simulations before committing to an actual build.
This gives them an opportunity to create multiple designs and test them with people and get early validation before anything physical is built. Testers will need to become comfortable with A/B testing approaches, as well as harnessing the benefit of beta testing through friendly crowds. This will provide immediate and valuable user feedback before a final design and release is committed to. 3D modelling isn’t new, but creating a virtual experience will help reduce costly build errors and help provide early results on various design options.
Overall, this exponential increase in complexity will generate more risk and increase the likelihood of issues. The value of early testing and immediate user/customer feedback will become a key asset of every SDLC.
IoT will introduce several new vulnerabilities resulting in additional security layers and checkpoints. Security will develop into an adaptive capability with fingerprint and retina scanning becoming key steps in authenticating user interactions and, along with Blockchain, will be the standard approach for all financial, personal and sensitive transactions. The result is that every aspect of testing and every stage of design, build and operate must include security as a critical element. Every tester will need to broaden their awareness of security vulnerabilities.
Alongside security, the impact on the laws and expectations on our privacy will be huge. To access services, we’ll have to sign up to a wealth of privacy statements to the point where we won’t know what’s private anymore. We won’t know who has access to our information or how they intend to use it. All of our information will be in the cloud so there’s no physical protection anymore.
There is an opportunity and possibly a responsibility on testers to ensure they can identify the source of data and trace it through a myriad of systems and devices to verify who has access to it and the conditions that it can be used. Understanding the application of privacy laws in a fully connected and automated digital world will be extremely challenging and testers will need to expand their knowledge of data integrity and sovereignty and need an understanding of secure SDLCs and combined behaviour-driven development (BDD) with BDD security.
Test managers will need to understand the risks to the project they’re on and what it means for the planning and scope of testing, the effort required and the skills and roles required to do it. We won’t be able to simply list security as an ‘out of scope’ activity to be undertaken by an independent specialist provider.
New skills will include a deeper understanding of the law and how it relates to privacy and the agreements users agree to on their smart devices. This extends to devices in the home and also the risks associated with sharing your location when on the move with a mobile device or embedded software in wearables.
Things like the physical keys to your home or your car will be replaced by digital encrypted keys or retina scanning or fingerprint and voice recognition technology. This means securing your home will no longer be just a physical act – it will also be a digital one. This extends the boundaries of testing beyond a system and a database. As intelligent software becomes more commonplace in our homes and workplaces, the impact on testing is that for many connected devices there’s no separate GUI. When testing these, we are likely to have just one user interface to orchestrate the rest and for test engineers this will mean interacting with machine languages and command line interfaces.