Client is a leading educational software and solutions company, focusing on adding value to educational institutions based on speed, efficiency, reliability, and optimality. With Educational ERP products, Customized Solutions and Consultancy, our client empowers educational institutions to equip effective learning, teaching, and administration capabilities.
Client has developed Educational ERP products to automate and streamline all administrative tasks of schools, colleges, and universities. These ERP products bring seamless interaction among students, teachers, parents and institution management for improved productivity, efficiency and transparency. Institution management can make effective decision making with the insights provided by these ERP products.
Client has a manual testing practice for functional testing and looking to automate it for faster time-to-market. Alongside, client wanted their ERP products to undergo Performance Testing and Security Testing to ensure its overall quality.
The following are the few areas which made Comprehensive Software Testing an essential for client Educational ERP:
- Manual Testing practice has been tedious and time consuming, so client wanted to automate all the repetitive activities to save time and effort.
- Client has been struggling with the performance of all the portals and they wanted to improve overall ERP performance for specific user load.
- Client has been concerned about data security and wanted the ERP to be secured against all cyber threats or attacks.
We have thoroughly understood client requirement and pain areas and planned a test strategy which addresses all their Software Testing needs.
Client has 5000+ existing manual test cases and workflows of the ERP are also complex, so Test Automation life cycle will have a longer duration. Hence, we proposed to perform Performance Testing in parallel to Automation Testing.
Whether it is Automation Testing or Performance Testing, we need a proper understanding of their ERP to perform effectual testing. There are three portals – Student & Parent portal, Faculty portal and Admin portal, and there are modules that support administrative activities from Admissions to Examination, Fees Management and certificates & documents management.
As ERP has complex workflows, we need to login to more than one portal to complete end-to-end scenarios.
We believe that the effectiveness of automated tests depends on an understanding of manual test cases. So, the foremost thing we have done is understanding existing manual test cases. Having a clear understanding of ERP, workflows and test cases, we have decided to develop a Selenium-based hybrid Test Automation framework, including TestNG and ExtendReports.
The framework we developed is data-driven, modular driven and semi behavioral driven.
CHALLENGES WE FACED:
- The Educational ERP front-end was built on advanced JS, so we have added our in-house Object Identification methodology to the framework and ensured that we were able to identify the objects.
- It was a challenge to automate end-to-end scenarios, where the workflow continues across different portals.
- Due to complex workflows, we have faced challenges in Test Suite creation.
We were able to mitigate all these challenges with our unparalleled expertise and experience in Test Automation and our hybrid Selenium based framework.
- Improved speed and accuracy of functional testing
- Regression Testing reduced from 5 days to less than a day
- Up to 90% time saving on repetitive testing
- 8x improvement in defect detection
- Achieving 100% test coverage before a major release
- Improvement in time-to-market
Coming to performance requirement, client wanted scalability up to 3000 concurrent users with 1000 concurrent users as performance benchmark.
We have chosen JMeter as the load testing tool for load testing. With initial load tests, we have identified heavy response times, so we provided a few suggestions at the application level. Development team at the client has implemented these suggestions and we have proceeded with the next stage of load tests.
We have performed endurance test for 7 hours with 500 concurrent users. All the performance issues and bottlenecks identified at the application level are reported along with suggestions for improvement.
- Improvement in response time from 20 seconds to 5 seconds for login scenarios with 1000 concurrent users
- Improvement in throughput from 3/1sec to 10/1sec
- Overall 125% performance improvement with Database query and API level suggestions
- Suggested horizontal scaling due to high CPU and memory utilization error rate
Leveraging OWSAP Top 10 guidelines, we have performed Vulnerability Scanning and Assessment to identify vulnerabilities, and Penetration Testing to analyze the Security Risk of the vulnerability.
105 vulnerabilities were found with our Vulnerability Scanning, and we assessed 46 vulnerabilities were Cross Site Scripting. After performing Penetration Testing, we have identified 50 Security Risks which must be mitigated at the earliest. They were 4 Unrestricted File Upload Risks, and another two major risks include unauthorized access to Java Servlets Source Code and retrieval absolute path of the Web Server installation.
We have submitted a comprehensive VAPT report which included all the vulnerabilities, security risks, causes, and remediations.
- All the 50 Security Risks were mitigated with our remediation plan and suggestions
- Unauthorized access to source code and Server Path disclosure issues were mitigated
- Overall security of the ERP has been improved
By understanding the client functional testing, performance testing, security testing requirements, we have delivered client-centric testing services. A significant improvement in functional accuracy, performance and security have been observed at the end of the project.