A bespoke test strategy for major UK data encryption project

A bespoke test strategy for major UK data encryption project

Project Summary

A leading UK-based water utility embarked on a high-profile data encryption project involving business-critical customer services. The project required building a large number of new systems, which would then have encryption applied to large databases to safeguard customer information. This could potentially impact the performance of the associated applications and systems.

The potential test scope for this project was vast with the new system housing more than 10 business-critical applications and underpinning 30+ databases.

Inspired Testing has been a trusted partner in the client’s large-scale modernisation and upgrade project for the past 18 months. Based on this strong existing relationship, Inspired Testing was tasked to develop a test strategy to replace the existing ad hoc test approach. Leveraging its familiarity and past insights into the client’s projects, Inspired Testing created a streamlined approach by utilising existing test cases and “Minimal Viable Tests (MVTs)”.

A phased approach and close collaboration between expert teams reduced the expected test time from 4 months to 3 months with minimal impact on validation and coverage.

Company

Water utility company

Industry

Utilities

Location

United Kingdom 

Solution

Strategic Test Consulting

Duration

One month 

Client Overview

The client is one of the largest water supply and treatment utilities in the UK. It collects and distributes 1 billion litres of water daily through thousands of kilometres of pipes to its 5.7 million clients. It runs more than 670 water treatment works and looks after 72, 000 acres of reservoirs and countryside.

Problem statement

Data encryption of large databases was of paramount importance to protect customer information. The existing approach was less structured and potentially less reliable. A lack of formalised processes and standard metrics would negatively impact the performance and functionality of critical applications in the face of new encryption requirements.

The application under test was a legacy estate without well-documented performance requirements.

The test scope was extensive, encompassing more than 10 business-critical applications and over 30 underlying databases.

The main challenge was creating an effective testing strategy to manage the vast test scope, minimise testing time, and ensure that the encryption did not adversely affect the performance and functionality of the applications and systems.

Solution

The chosen strategy streamlined the testing process, reduced time, improved coverage, and provided a structured approach to performance testing.

A phased approach leveraging existing test packs was created:

  • An Incrementally Phased Approach was proposed to manage the testing scope efficiently by leveraging existing test packs.
  • Existing Test Cases Utilised by identifying over 600 existing test cases that could validate core business processes and over 290 automation test cases.
  • Detailed Analysis and Scoping Sessions were conducted collaboratively with architects, developers, and business subject matter experts to create a set of “Minimal Viable Tests (MVTs)”.
  • Additional Business-Critical Test Cases were added for areas with minimal coverage.
  • Bespoke Automated Performance Tests were developed to provide standardised performance metrics for a business-critical application with known performance issues.
  • Formalised Regression Tests can replace previous ad hoc business tests and are suitable for future automation.

Before improvement

The client relied on ad hoc testing methods. This lack of formalised regression testing led to potential inconsistencies and inefficiencies in the testing process. Existing performance requirements were poorly documented and standard performance metrics were unavailable, which would have made it difficult to consistently assess the performance impact of the encryption on the applications and systems.

After improvement

  • Reduction in Testing Time:By implementing the incrementally phased approach and creating a set of “Minimal Viable Tests (MVTs),” the expected testing time was reduced from 4 months to 3 months. This was achieved with minimal impact on validation and coverage.
     
  • Improved Test Coverage: Additional business-critical test cases were added in areas with little to no existing coverage, ensuring that critical functionalities were adequately tested.
     
  • Enhanced Performance Testing: A bespoke set of automated performance tests was created, providing the client with standard performance metrics for a business-critical application. This was particularly valuable because the application was part of a legacy system with poorly documented performance requirements.
     
  • Formalised Regression Tests: The newly developed tests can now be used as formalised regression tests, replacing the previous ad hoc business tests. This standardisation is beneficial for future automation, making the testing process more efficient and reliable.

Benefit to the client after implementation

The client could continue with the database encryption, confident that the applications and systems will remain performant and functional. The expected test time was reduced by a month and the client now had a test pack that could be run as formalised regression tests and that are ready for automation.