From Tallinn, With Love – Looking back on Nordic Testing Days 2015

It’s been a week since I have returned from Tallinn and the Nordic Testing Days conference, which has again been brilliantly organised and executed by Grete Napits and her wonderful team in Estonia. Helena Jeret-Mäe led the curation of this years content alongside her colleagues, and without doubt the organising team had certainly raised the bar again.

Santosh Tuppad, Rob Sabourin and Helena Jeret-Mäe out in the Old town of Tallinn

Santosh Tuppad, Rob Sabourin and Helena Jeret-Mäe out in the Old town of Tallinn

There were speakers from almost all corners of the testing globe, from Canada, UK, Australia, New Zealand, India and of course Estonia. A fantastic achievement! As a result of this breadth and depth of testing talent, it was hard to choose whose talks and workshops to go to, but choose I did.

Warming up

The hospitality and warmth of the conference, and Tallinn is evident. It began with an impromptu walk round the old town with Helena and a whole bunch of other great testers. The amazing architecture, the views from the city walls and the discussion made for a fantastic evening.

Relaxing with the Friendly Tester - Richard Bradshaw

Relaxing with the Friendly Tester – Richard Bradshaw

Snap happy! Rob Lambert

Snap happy! Rob Lambert

But first on to the tutorial days! Bill Matthews and I had already run “Exploring App (In)security” at Let’s Test the previous week, and without a doubt we had learned from that experience. So, we aimed this time to rebalance the session to make it much more interactive and practical at the outset. Many of the challenges of security testing come not only from understanding the threats to applications and therefore businesses, but also understanding how those threats can be translated into real world vulnerabilities, which attackers can then exploit.

Bill Matthews - telling it like it is

Bill Matthews – telling it like it is

Bringing forward those experiences in early, so the attendees were doing practical exercises from the beginning  was our primary goal for the day, so that they got the most out of Bill and I, the material we produced and the learning they could elicit from the discussion.

Again, we started out with an exploration of the application under test, but then we burst straight into a group threat modelling exercise!

Threat modelling with these budding new security testers!

Threat modelling with these budding new security testers!

After that, all the testers broke into small groups and pairs as we all found ways to exploit the threats we modelled, by exploring the vulnerabilities that might lurk under the covers.

Pairing up with Katrina Clokie (and another tester whose name I can't remember, sorry)

Pairing up with Katrina Clokie (and another tester whose name I can’t remember, sorry)

It was a long and exhausting day. Bill and I were rarely off our feet. We had a great time working with all these fantastic testers. One or two have even got in touch since to ask follow up questions and look for further study. Very encouraging and inspiring! It’s also inspiring me to do a whole lot more in 2016!

On to the first day of the conference proper, and following an interesting keynote by Mart Noorma on the Estonian contributions on space exploration and technology, I had my first major decision to make.

Spinning up your own influence

Katrina Clokie’s workshop “Become someone who makes things happen” was one of the highlights of the conference for me. In this workshop we were challenged to make sense of what our problems are in terms of making an impact on our teams, and influencing the decision making process.

Communicating our beliefs, needs and thinking is a huge problem for testers. I often have issues on influence myself, as I have explained in this blog post: The MEWTation of Communication. So, Katrina’s workshop really resonated with me because of that. We usually worked in pairs or small groups, working through scenarios where our sales skills specifically would be challenged – selling our own ideas, thoughts, and needs in testing.

Katrina Clokie - Becoming someone who makes things happen

Katrina Clokie – Become someone who makes things happen

Katrina referred to SPIN (Situation, Problem, Implication, Need) is a sales methodology that focusses on the needs of a customer, and attunes their offerings based on a mutually agreed solution. The problem here is not necessarily getting another person to recognise that the situation you have identified is a problem, that needs resolving, but also the impact to the person you are working with.

For testers there are always scenarios where this technique, and others like it, would be useful. Communicating your thoughts and feelings on acceptance criteria, resolving issues surrounding test planning and estimation, ensuring that you have effective resources and tools to do your job, bug advocacy – the list is endless.

Katrina encouraged us not only to explore the feedback we received, but also attitudes and feelings. Whether you are respectful and caring to those you work with, the difference between aggression and assertiveness, asking the right questions at the right time and using non verbal queues can all have an impact on your influence and ability to get things done.

This was a fantastic workshop that drew the best out of everyone in the room, both new to testing, experienced and hands on, and managers too!

Testing? Thats insanity!

Next up for me was Santosh Tuppad. His energy and enthusiasm for his craft was tested to the full, as Santosh lead us through a beautiful and colourful journey, as he became inspired to begin his own journey by starting Test Insane, his own exploratory test consultancy.

Santosh Tuppad from Test Insane

Santosh Tuppad from Test Insane

The great thing about conferences of any sort is that it can bring people together. Santosh and I have been in touch for many years now, but we have never met until we came to Nordic Testing Days. It’s like we have been friends for years, so a warm hug was in order, for this strong man had traversed continents to come and speak for an hour! However his love of testing and learning permeated the social side of this conference completely.

The impressive thing about this talk though was not just Santosh’s clear love of testing as a craft, but also his contribution to the wider community. Sure, Test Insane is a consultancy, but much of the material, tools, mind maps, and papers his team produce are shared across the board – for free! A valuable resource indeed, and Santosh and his team are a very valuable addition to the testing community.

First time speaker – but not the last

My Weekend Testing colleague Neil Studd made his speaking debut at Nordic Testing Days with “Weekend Testing Europe: A behind the scenes guide to facilitating effective learning”.

Neil loves Fonzie

Neil loves Fonzie

Neil came across with a confidence that belied both his nerves and trepidation at speaking for the first time. He not only talked about the drivers to establishing an exciting and dynamic learning community for testers online, which was the main thrust of his talk – but also some of the psychological thinking that was involved in that process.

Neil talked about the imposter syndrome – where people who are extremely skilled and competent in their chosen field, and yet still feel as if they are frauds, not deserving of acclaim, attention or feel their achievements are of any worth. I think that this is a phenomenon that a lot of people encounter – only the most arrogant of people wouldn’t question themselves occasionally.

However, I feel that this is something that Neil should have no issue with. He is a highly skilled and intuitive tester, with a great breadth and depth of knowledge, and he expresses it well.

Neil’s story is a shared story however, and with Amy Phillips, and their journey to bringing back to life the Europe chapter of Weekend Testing. My involvement in that is a footnote in this story, but I hope to be very much of its future.

Gaming the system

Next up was Kristoffer Nordström and his talk “Gamification – How to Engage Your End Users”. Kris is another tester that I have known about for a while, but had neither met not seen speak. Another great opportunity to learn from someone new.

Kris’ talk was a fascinating exploration of using gamification to encourage the teams he worked with to not only produce great work, but enjoy doing it. By using elements of game thinking and mechanics, developers and testers on his teams were able to contribute to the product by finding bugs and fixing code; and were encouraged to do so by earning points (and points mean prizes).

Kris's Moomins on tour in Tallinn

Kris’s Moomins on tour in Tallinn

Here lies the problem that Kris elaborated on. How do you get people to want to work on code and bugs, but to not want to do just because they are going to earn prizes for their efforts. It’s a complex balance to strike. Renumerating them enough, with branded, high quality pencils, mugs and t-shirts; AND trying to make it fun and exciting for the dev teams.

Kris even gamed the talk, with attendees playing bingo, trying to pick out the key words from the talk. I think I would need to spend some more time with Kris to get more of a handle on this topic, as it is an interesting one. I’ve had to use similar techniques during my time as a trainee teacher and Scout leader to help children become more engaged with activities – collecting stars or badges for examples. Great stuff!

Valuable lessons

Like the rest of the conference, this keynote was another one full of firsts. Rob Sabourin is another tester who I have never met, but had heard many interesting things about. His talk ‘Value Sync’ was an exciting and dynamic discussion about what we value as testers, what people on projects and teams value, and what our stakeholders and customers value – and seeing the relationships between those values.

Rob Sabourin - Value Sync

Rob Sabourin – Value Sync

Rob’s main point was whether the conflicts in these values could be resolved, where one person values low cost over quality, or speed to market over market saturation. There are a lot of elements to balance in teams, organisations and businesses; and testers have a part to play here in expressing what they value, and ensuring that the needs of stakeholders are also met by their testing.

It was a great ending to a long hard day of learning, networking and testing! But it wasn’t over yet.

Lightning in a bottle

So, there was a big sheet of paper on a pillar in the conference lobby – Lightning talks 9pm! I was tired, but there was so much energy in the room. Bill Matthews had already pressed ganged me into speaking – 5 mins of talk + Q&A. So, I contributed the short talk I did at MEWT and compressed it down…trying to pull out the salient points – about how personal identity and problems surrounding being a ‘geek’ in the workplace affects communication and influence.

'Question Assurance' with Guna Petrova

‘Question Assurance’ with Guna Petrova

Up Periscope! - Richard Bradshaw

Up Periscope! – Richard Bradshaw

A whole bunch of great people got up to talk – Bill Matthews, Neil Studd, Guna Petrova, Pekka Marjamäki, Kristjan Uba, Erik Brickarp and Olari Koppel. Resoundingly my favourite talk of the night was Neil’s on ‘9-5 testers’. Here is his blog post on the topic: Whats wrong with 9 to 5 testers.

In the past I have been a 9 to 5 tester, getting to work, doing my work competently, going home. That’s ok! There is nothing wrong with that. I had other interests and needs – I was in a new relationship and/or recently married, or I was playing in my gaming clan. Later, in 2007 I found other interests and got in to Scouting in a big way, which takes up a huge amount of my time. It didn’t stop me wanting to be a better tester, I just didn’t go to many meetups or do much reading, and certainly no conferences. As I have encountered various family crisis recently, I have scaled back my Scouting to focus on those, but my engagement with the testing community has filled quite a lot of that void; and it has been very rewarding.

A lot of this has to do with a number of factors – and one of the major ones for me was working in an environment that allowed me to be the kind of tester I wanted to be. Some of the companies that I have worked with have been less than supportive about attending conferences, worrying about the cost and the value to the business (perfectly valid considerations, I might add). Sometimes, if they allowed it, they specified the kinds of meetings to go to, rather than the testers choice. I don’t think I went to my first meetup until around 2008/9, almost a decade into my career.

I raised a question – ‘isn’t this about bad testers?’ not whether you spend every waking hour testing? It’s a different question, and not one we focussed on. Bad testing is not the same as being someone who doesn’t want to do testing or talk about testing in their spare time.

Neil also talked about introverted behaviours and how they might be a blocker to getting people engaged. It’s a complex problem, and not one easily solved. Except that creating a safe space for learning, either physical or not, that allows anyone to learn at their own speed and their own time can only be a good thing.

Rob Remaining Relevant

Friday morning brought new experiences and new challenges, namely watching Rob Lambert’s opening keynote on the second day of the conference. “Why remaining relevant is so important” reflects on the fast pace of change needed in businesses and services, and our place within that change. Do we sit on our hands and do nothing to meet that challenge and let opportunities pass us by, or do we skill up and start adding lots of value to our teams and businesses.

Ten Behaviours - with Rob Lambert

Ten Behaviours – with Rob Lambert

Whilst it may seem to be basic to talk about how you can remain  employable, it talks a lot more to ensure you remain valuable to your team, and continue to be valuable throughout. It’s a challenge we face every day, not only as testers, but as members of a wider development organisation. And ALL of what Rob talks about in this talk is valuable to everyone, not just testers. One of the main points here I took home was adding skills. Add as many skills as you can, become good at them – it might be coding, or using a particular tool, or being knowledgeable about a particular testing approach, or domain knowledge in your organisation. These ALL add value!.

I’d like to reflect further on these points in due course, but it would take too long here to discuss. However I would say this. Rob’s book “Remaining relevant and employable” is a great read. I read it in one sitting by the pool in the Canary Islands, and was one of the main reasons I decided to take a permanent role at New Voice Media. I’ve told this to Rob myself, and I don’t mind telling you now.

Preaching to the unconverted

Lastly, before I wrap up, I wanted to say a word about Katrina Clokie’s talk, which was a last minute substitution to the programme. “Sharing Testing with Non-testers in Agile teams” was a fantastic case study on how Katrina went into a business with little or no testing, little or no agility and was expected to give them all that in a 90 minute training session.

Super sub - Katrina Clokie

Super sub – Katrina Clokie

Katrina’s experience here was an expression of a depth of knowledge and skill, but also patience, timing, communication, tact and learning. Something we all should pay heed to.

Fantastic Revelations, Amazing Revelations

I’m not going to write much about my own talk “The Testing of Fear” here. I can’t really reflect on this easily in public. Giving this talk was emotionally difficult for me. I had practiced the talk before, at meetups in the UK. All the talks went well.

Due to the unfortunate and untimely death of an early mentor in my career, Adrian Smith, I changed the initial few slides late the previous night. Adrian was important to me, not least because he helped me get my first step on the ladder. His encouragement, leadership, skill and fortitude was an example to all who met and worked with him.

I went to his funeral this afternoon, and I learned a lot about him. As a lad he learned to be a butcher in his home town. He was a Royal Marine Commando, and served his country on many occasions. After leaving the Marines, he served as a police officer, where he met his late wife Deena. After that, he began a largely self taught career in IT – project and people manager, developer, tester, architect, DBA – almost everything you could think of, he could do! We all respected him and loved him. His funeral service this afternoon reflected that, as many of his friends and colleagues joined his family to celebrate his life today.

He was an agent of change – no fear of that.

Farewell…but not goodbye

Nordic Testing Days 2015 was an intense three days of learning and development for me. I hope to be privileged enough to attend again next year, and for years to come. It is a dynamic and exciting conference, with a wide breadth and depth of excellent testers and experiences. I know it will go on being that way! I can’t wait for 2016!

Life is always better with two – Let’s Test 2015 Reflections Day 2 & 3

Day 2

Crunch time. Day 2 comes and so does the Exploring App (In)Security workshop alongside one of my most important testing mentors, Bill Matthews.

We had been planning this workshop for some time, and we really wanted to make this work for the attending delegates. Bill had pulled out all the stops to create a really brilliant learning resource in the Ace Encounters web application, and together we planned the learning objectives we wanted to achieve.

Our aim was to provide a safe learning environment where the delegates could learn about security test design techniques, the key vulnerabilities in web applications and how to exploit them. It was also our intention to elicit discussion around these issues in the context of software testing, rather than hacking.

Bill Matthews in Action!

Bill Matthews in Action!

There were lots of great opportunities for Bill and I to learn as well, feeding off the needs of the attendees, and also their experiences. It’s the best way for us to get better at presenting the content, making it more relevant and exciting for everyone. Here are some photos of the day, where we got to work with some really great testers!
          Let’s Test is famous for it’s more social activities. You can’t go far from the conference venue, as it is in the middle of nowhere. So, we all have to create our own entertainment.

As Day 2 drew to a close and after a great chat with some awesome people in The Test Lab, a few of us retired to the games room – ostensibly to play pool, but as always things descended into testing games and chat!

This is part of the attraction of Let’s Test, where you can just hang out, with a few beers (or whisky in our case) and talk about test, the universe and everything.

Chris Chant, Dan Ashby and Phil Quinn

Chris Chant, Dan Ashby and Phil Quinn

On to Day 3, which was again a fantastic day of learning. This conference was my first chance to speak to many testers that I had admired and followed for sometime – such as Patrick Prill – @testpappy on Twitter. I hooked up with Patrick, Christina Ohanian and Dan Ashby at lunch time, and we did an impromptu recording of Testing in the Pub! I can’t wait for that episode to come out.

Patrick Prill

Patrick Prill

The morning lead me to more facilitation responsibilities, this time trying to manage the events at Jean-Paul Varwijk’s very well researched presentation and debate on the proposed ISO 29119 standard.

It wasn’t my job to get involved so much in the debate, but ensure that all the participants of the meeting at least got a chance to take part (If they wanted to) and ensure there was some sort of order to the questions, follow ups and burning issues being raised.

There was a lot of passion in the discussion. Clearly this issue has sparked much interest and concern within the context driven testing community. My main issue however that there was no real moderate or conflicting view arising from this discussion  – most if not all people who spoke up had little that was positive to say about the proposed standard, or opposed it out right.

Still, Jean-Paul had presented a tonne of material he had researched and gathered over time, and presented a cogent argument in as balanced a way as he possibly could. All in all, I am glad I volunteered for this session, as it allowed me to see testers debating in action!

Jean-Paul Varwijk

Jean-Paul Varwijk

Without doubt the highlight of Day 3 for me though was the fantastic session “Coders to the Left” lead Jan Eumann and Philip Quinn. This workshop encouraged us to work in pairs and small groups, with each activity with a different focus, for example working as a tester, developer or observer.

They had created an excellent resource for learning via a GitHub project called Fixture Finder. It essentially allowed you to search football match fixtures, using date and country as search criteria. More than that though, the workshop allowed us to explore what working like a developer might be like – and it was a challenge.

Rather than just finding bugs, we would isolate the cause and fix it on the fly, within our own instance of the app in Chrome. There were some very interesting bugs to find, such as blatant security flaws, or little bits of code that stripped search results from the list, or tampered with the results of football matches under certain conditions.

I know a bit of code. Not so much that it would allow me to call myself any kind of developer. I can use code, and other tools to help me solve testing problems. However this activity really did let us get to grips with how testers and developers can really work well together, reducing and improving the feedback loop as we test and code together. A brilliant exercise in collaborative learning.

Jan Eumann and Phil Quin

Jan Eumann and Phil Quin

Anders, Dan and me pairing up

Anders, Dan and me pairing up

So, as my first experience of Let’s Test draws to a close I want to reflect on what has been a most rewarding and exhausting experience in equal measure. The learning from the workshop I ran helped us feed this learning into the following session at Nordic Testing Days, yet it made me realise that I don’t really blog much about security. I should rectify that.

Let’s Test allowed me to engage deeply with my personal approaches to testing, and what I value about myself as a human being. The impromptu chats, podcast recordings, Reiki healing workshops with Dawn Haynes, the testing games, workshops and talks I attended all helped with that. I do attend to go again, as it is such an intense and engaging place to be.

Testing the testers: Let’s Test 2015 Reflections – Day 1

The night before

It is now almost a week since I arrived at Let’s Test near Stockholm in Sweden. I had heard a lot about Let’s Test, not least from my Weekend Testing colleagues Amy Phillips and Neil Studd. It was there this time last year that they decided to restart the Europe chapter. I had also heard a lot of good things about the conference from others in the community, all of which were overwhelmingly positive. So, as I recall my feelings and trepidations about attending and working at Let’s Test, I do it now with a renewed vigour regarding my career and learning.

The venue, nestled in a Swedish rural idyll on the Baltic coast close to Stockholm, is the perfect place. To say that it is beautiful is an understatement. The conference centre has the perfect combination of location and facilities that create a fantastic environment for learning, and of course, the socialising! After all, the conference is organised for testers, by testers.

Testers at the bar

Testers at the bar © Martin Nilsson / Lets Test Conference 2015
https://flic.kr/p/syAx7f

In addition to this challenge, I was not only running a workshop on security testing with Bill Matthews (more on that later) but I had also volunteered to be a facilitator. This meant that the workshops or talks I had volunteered for, I had to assist the speaker as much as possible with setting up and equipment, generally being a gopher for them. During the “Open Season” portion of the sessions, facilitators had to manage all the questions fielded by the attendees. The conference organisers had given us all K-Cards, to allow us all to take part fairly in the discussions. If you want to know more about K-Cards, check out this blog by Paul Holland – The history of K-Cards

Ben Simo -

Ben Simo – “there was not a breach, there was a blog’

Day One

The opening keynote was in a word, fantastic!

Ben Simo is a tester that I have been following for some time. His experiences and learning from attempting to organise health insurance on for his family would have been hilarious, if it hadn’t been so serious. “there was not a breach, there was a blog” was a fascinating journey through the issues and problems surrounding the release of healthcare.gov, the US Government website and initiative more popularly known as Obamacare.

Not only were there many functional, usability and performance issues with this site upon release, but also a huge range of potential security vulnerabilities. At the time, Ben blogged about these issues, trying to make the government aware of the problems and ultimately found himself somewhat reluctantly being the subject of media interest.

Ben is an eloquent and humorous speaker, who is extremely skilled and knowledgeable about his craft. His experiences also reflect strongly upon my recently learning in the sphere of security testing and as a result, the most significant takeaway I had from this talk was the matter of ethics when reporting issues in live, public systems. Ben emphasises the need to constantly be aware of the ethics of testing, and not harming the site. All in all, a brilliant start to proceedings.

Next up was an exciting and challenging workshop run by Emma Armstrong – “Equipping you for the unexpected challenges of testing”. I’ve known Emma for a while, but I’ve never seen her speak or run a workshop.

Emma Armstrong -

Emma Armstrong -“Equipping You For the Unexpected Challenges of Testing”

Emma had created a huge range of resources and a challenging application for us to investigate. Emma’s workshop encouraged us to examine and use a wide range and techniques and thinking in order to solve a testing problem. I really love pairing and working in groups with others, so this workshop really resonated with me. There is no better way to learn than to learn from others, in practical situations.

Emma’s enthusiasm, deep knowledge and skill in her craft is evident and clear from the content and presentation of the material. By examining and utilising thinking like Shneiderman’s Eight Golden Rules of Interface Design and Elizabeth Hendrickson’s Test Heuristic cheat sheet, we can overcome complex testing problems, without overwhelming ourselves. Using them as an oracle for any testing, where appropriate, then we can surely begin to equip ourselves for any unexpected scenario.

One of the best takeaways I had from this whole conference was during this session. I was pairing with two other testers, one from Sweden, the other from Romania. We discovered that our cultural differences, and in turn our similarities, often drive our thinking while testing. It’s not often I get to pair with testers from outside the UK, so this was a fantastic experience.

Our backgrounds and values often will impact the way we think about testing, and the problems we uncover – for example – a “Title” field would be almost unthinkable outside the UK, yet in the UK to not to be able to select whether you were Mr, Ms, Mrs, Miss or even a Captain or Lord would be equally strange.

After lunch I attended a half day workshop run by John Stevenson – “A Journey towards self learning”. I was facilitating this session, so helping out John with logistics and cold beverages! Despite my responsibilities preventing me from taking many notes, this workshop was and extremely engaging exploration of our own learning.

John Stevenson - A Journey towards self learning

John Stevenson – A Journey towards self learning

One of the major themes of the workshop was how constraints on information gathering can impact the quality of our learning and analysis of the information we gather. It can inform our opinions and how we apply values or biases to the learning we do.

One great example of this was a particular exercise. The group had to divide into three where each team had a particular task – discover as much as they could about the conference venue, with particular focus on the local flora. However each team had a major constraint imposed upon them – one was only able to use internet resources, another group could only use observations of the local environment, and the third could only speak to people at the conference venue. I went around with the third team to make sure the rules were adhered to.

The results were impressive and eye opening – whilst the team who had access to the web were able to gather a lot of data very quickly, they didn’t have the richness of data gathered by the other teams. It wasn’t easy for the other teams either, where it was fairly hard for team three to use information other than that gathered through word of mouth, as there was so much visual data to gather. Also, we were able to observe discrepancies and contradictions in the information that had been gathered. Its up to us as testers to be able to be mindful of our values and biases when analysing data, manage and work within constraints. John’s workshop was a fantastic way to engage with our own learning in an active and positive way!

All in all a fantastic start to an intense few days of learning! I’ll be blogging about day one and two over the next few days. Watch this space!