This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Secure TDD Project"

From OWASP
Jump to: navigation, search
m
m
Line 14: Line 14:
 
==Introduction==
 
==Introduction==
  
About TDD
+
 
 +
== About TDD ==
 +
 
 +
== [Headline text]
 +
 
 +
 
 +
TDD is about writing a test which will fail, then writing the minimum amount of code required to make it run, then refactoring the code to make it clean. <br> This is done in cycles, fail -> pass -> refactor, adding a new test for each known requirement for the code.<br>
 +
 
 +
TDD is not about testing. TDD uses tests to drive the development and design of your code.<br>
 +
 
 +
You can do this with unit tests, functional tests and acceptance tests. Usually, you use all three.<br>
 +
 
 +
The tests tell you what to do, what to do next, when you are done. They tell you what the API is going to be, what the design is.
 +
 
 +
The tests permit you to refactor safely, ensuring that the desired behavior continues to work while you adjust your design. The tests also guide you to testable code, promoting smaller methods, shorter parameter lists, and overall much simpler design than other methodologies lead you to.
 +
 
 
Difference between TDD and Unit Tests
 
Difference between TDD and Unit Tests
 +
 +
 
How do we solve the problem by implementing STDD?
 
How do we solve the problem by implementing STDD?
  

Revision as of 14:56, 12 March 2014

OWASP Project Header.jpg

OWASP Secure TDD Project

The OWASP Secure TDD Project allows organizations to integrate security into the Test Driven Development (TDD) lifecycle.
When utilizing TDD, it is important to clarify to the developers that this process will change the way they think, since they need to cover all tests prior development, which is different from the unit testing approach.
The OWASP Secure TDD Project contains an open source tool written for .NET developers in order to allow generation of the most common tests out of the box and enable developers to consciously improve the project by developing additional tests or extensions.

Introduction

About TDD

== [Headline text]


TDD is about writing a test which will fail, then writing the minimum amount of code required to make it run, then refactoring the code to make it clean.
This is done in cycles, fail -> pass -> refactor, adding a new test for each known requirement for the code.

TDD is not about testing. TDD uses tests to drive the development and design of your code.

You can do this with unit tests, functional tests and acceptance tests. Usually, you use all three.

The tests tell you what to do, what to do next, when you are done. They tell you what the API is going to be, what the design is.

The tests permit you to refactor safely, ensuring that the desired behavior continues to work while you adjust your design. The tests also guide you to testable code, promoting smaller methods, shorter parameter lists, and overall much simpler design than other methodologies lead you to.

Difference between TDD and Unit Tests


How do we solve the problem by implementing STDD?


Description

Write a description that is just a few paragraphs long Explain about the tool - VS add-on, rules engine and extensions. Explain when to use the tool - before development and when knowing the answers to business questions, e.g. user inputs


Licensing

The OWASP Secure TDD Project is free to use. It is licensed under the Apache 2.0 License.


What is the OWASP Secure TDD Project?

The OWASP Secure TDD Project provides:

  • xxx
  • xxx


Presentation

OWASP IL October 2013[1]



Project Leader

Nir Valtman


Related Projects


Quick Download

  • Link to page/download


News and Events

  • [20 Nov 2013] News 2
  • [30 Sep 2013] News 1


In Print

This project can be purchased as a print on demand book from Lulu.com


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files TOOL.jpg
Q1
A1
Q2
A2

Volunteers

The OWASP Secure TDD Project is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx

Others

  • xxx
  • xxx

As of March 2014, the priorities are:

  • xxx
  • xxx
  • xxx

Involvement in the development and promotion of the OWASP Secure TDD Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • xxx
  • xxx


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Secure TDD Project (home page)
Purpose: This project should contain a tool that allows creating security unit tests as part of Test Driven Development (TDD) process. The output of this page is documentation about the process and open source Visual Studio add-on. Today in the agile development world, many streams based on Test Driven Development (TDD). This project presents the approach to reuse this concept in context of security.
License: Apache 2.0 License
who is working on this project?
Project Leader(s):
  • Nir Valtman @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Nir Valtman @ to contribute to this project
  • Contact Nir Valtman @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases