Participant Handbook

Sector
IT-ITeS

Sub - Sector
Future Skills
Occupation
Web & Mobile Development
Reference ID: SSC/Q8403, Version 2.0
NSQF Level 5

Application Developer
Web & Mobile
Published by
IT – ITeS Sector Skill Council NASSCOM
Sector Skill Council Contact Details:
Address: Plot No. – 7, 8, 9 & 10 Sector – 126, Noida, Uttar Pradesh – 201303
New Delhi – 110049
Website: www.sscnasscom.com
Phone: 0120 4990111 – 0120 4990172

All Rights Reserved©2024

Second Edition, August, 2024
Copyright©2024
IT – ITeS Sector Skill Council NASSCOM
Sector Skill Council Contact Details:
Address: Plot No. – 7, 8, 9 & 10 Sector – 126, Noida, Uttar Pradesh – 201303
New Delhi – 110049
Website: www.sscnasscom.com
Phone: 0120 4990111 – 0120 4990172
This book is sponsored by IT – ITeS Sector Skill Council NASSCOM
Under Creative Commons Licence: CC-BY-SA

This license lets others remix, tweak, and build upon your work even for commercial purposes, as long as they
credit you and license their new creations under the identical terms. This license is often compared to
“copyleft” free and open-source software licenses. All new works based on yours will carry the same license, so
any derivatives will also allow commercial use. This is the license used by Wikipedia and is recommended for
materials that would benefit from incorporating content from Wikipedia and similarly licensed projects.

Disclamer
The information contained herein has been obtained from sources reliable to IT – ITES Sector Skill Council
NASSCOM. NASSCOM disclaims all warranties to the accuracy, completeness or adequacy of such information.
NASSCOM shall have no liability for errors, omissions, or inadequacies, in the information contained herein, or
for interpretations thereof. Every effort has been made to trace the owners of the copyright material included in
the book. The publishers would be grateful for any omissions brought to their notice for acknowledgements in
future editions of the book. No entity in NASSCOM shall be responsible for any loss whatsoever, sustained by
any person who relies on this material. The material in this publication is copyrighted. No parts of this
publication may be reproduced, stored or distributed in any form or by any means either on paper or electronic
media, unless authorized by the NASSCOM.
 Skilling is building a be er India.
If we have to move India towards
development then Skill Development
should be our mission.

iii
 Cer ficate
COMPLIANCE TO
QUALIFICATION PACK - NATIONAL OCCUPATIONAL
STANDARDS
is hereby issued by the
IT-ITeS Sector Skills Council NASSCOM
for

SKILLING CONTENT: PARTICIPANT HANDBOOK

Complying to Na onal Occupa onal Standards of
Job Role/Qualifica oPack: “Applica on Developer - Web & Mobile” QP No. SSC/Q8403, NSQF Level 5

Date of Issuance: 25/06/2020

Valid up to*: 25/06/2025
Autorised Signatory
*Valid up to the next review date of the Qualification Pack or the (IT-ITeS Sector Skills Council NASSCOM)
‘Valid up to’ date men onedabove (whichever is earlier)

iv
Acknowledgments
This participant's handbook meant for Application Developer - Web & Mobile is a sincere attempt to
ensure the availability of all the relevant information to the existing and prospective job holders in this job
role. We have compiled the content with inputs from the relevant Subject Matter Experts (SMEs) and
industry members to ensure it is the latest and authentic. We express our sincere gratitude to all the SMEs
and industry members who have made invaluable contributions to the completion of this participant's
handbook.

This handbook will help deliver skill-based training in the Application Developer - Web & Mobile. We hope
that it will benefit all the stakeholders, such as participants, trainers, and evaluators. We have made all
efforts to ensure the publication meets the current quality standards for the successful delivery of
QP/NOS-based training programs. We welcome and appreciate any suggestions for future improvements
to this handbook.

v
Par cipant Handbook

About this book

This par cipant handbook has been designed to serve as a guide for par cipants who aim to obtain the
required knowledge and skills to undertake various ac vi es in the role of an Applica on Developer - Web
& Mobile. Its content has been aligned with the latest Qualifica on Pack (QP) prepared for the job role.
With a qualified trainer's guidance, the par cipants will be equipped with the following for working
efficiently in the job role:

· Knowledge and Understanding: The relevant opera onal knowledge and understanding to
perform the required tasks.

· Performance Criteria: The essen al skills through hands-on training to perform the required
opera ons to the applicable quality standards.
· Professional Skills: The Ability to make appropriate opera onal decisions about the field of work.
The handbook details the relevant ac vi es to be carried out by an Applica on Developer - Web &
Mobile. A er studying this handbook, job holders will be adequately skilled in carrying out their du es
according to the applicable quality standards. The handbook is aligned with the following Na onal
Occupa onal Standards (NOS) detailed in the latest and approved version of Applica on Developer - Web
& Mobile QP:

· SSC/N8417: Implement DevSecOps or con nuous integra on/con nuous delivery prac ces for
con nuous deployment of applica ons
· SSC/N8125: Develop tests or simula ons for end-to-end QA of systems

· SSC/N8418: Fix applica on bugs and improve applica on performance

· SSC/N8323: Monitor and manage cloud applica ons and the deployed systems
· DGT/VSQ/N0102: Employability Skills (60 Hours)

Par cipants can also elect to learn the Front-end Web Development, Mobile Applica on Development
and Back-end Engineering.
· SSC/N8414: Develop consistent and user-friendly web app for the target pla orm aligned to the
func onal, non-func onal and user experience requirements

· SSC/N8415: Develop na ve/cross-pla orm/hybrid mobile applica on for the target pla orms
· SSC/N8416: Develop reliable, scalable and secure back-end aligned to the applica on architecture

Symbols Used

Key Learning Exercise Notes Unit Ac vi y

Outcomes Objectives

vi
 Application Developer-Web & Mobile

Table of Contents
S.No. Modules and Units Page No.
1. IT-ITeS/BPM Industry – An Introduction (Bridge Module) 1
UNIT 1.1: Understanding the IT-ITeS Sector 3
UNIT 1.2: Dynamics and Evolution of the IT-ITeS Sector 16
UNIT 1.3: Roles & Responsibilities of Application Developer - Web & Mobile 26
2. Future Skills – An Introduction (Bridge Module) 33
UNIT 2.1: Overview of the Future Skills Sub-Sector 35
3. Web Technology – An Introduction (Bridge Module) 45
UNIT 3.1: Fundamentals of Web Technology 47
4. Mobile Development – An Introduction (Bridge Module) 61
UNIT 4.1: Understanding Mobile Technology 63
5. Global Standards and Regulations (Bridge Module) 77
UNIT 5.1: Data Management Standards and Compliance 79
6. Development Tools and Usage (Bridge Module) 93
UNIT 6.1: Application Development Tools and Practices 95
7. Continuous Integration, Delivery and Deployment (SSC/N8417) 118
UNIT 7.1: Foundations of Continuous Integration, Delivery, and Deployment 120
UNIT 7.2: Advanced CI/CD Practices and Automation Tools 135
8. Test Engineering (SSC/N8125) 156
UNIT 8.1: Testing Fundamentals and Methodologies 158
UNIT 8.2: Advanced Testing Techniques and Tools 178
9. Bugs Fixing and Performance Improvement (SSC/N8418) 191
Unit 9.1 Bugs Fixing and Performance Improvement 193
10. Application Performance Monitoring (SSC/N8323) 222
Unit 10.1 Application Performance Monitoring 224
11. Inclusive and Environmentally Sustainable Workplaces (SSC/N9014) 246
Unit 11.1 Sustainable Practices in the Workplace 248
Unit 11.2 Diversity and Equity Promotion Strategies in the Workplace 257
12. Employability Skills (60 Hours) – DGT/VSQ/N0102 271
It is recommended that all trainings include the appropriate Employability
skills Module. Content for the same can be accessed
h ps://www.skillindiadigital.gov.in/content/list

13. Front-end Web Development (SSC/N8414) (Elective – 1) 273

Unit 13.1: Front-end Web Development (SSC/N8414) 275
14. Mobile Application Development (SSC/N8415) (Elective - 2) 319
UNIT 14.1: Mobile Solution Planning and Development 321
UNIT 14.2: Mobile Application Development and Deployment 332
15. Back-end Engineering (SSC/N8416) (Elective - 3) 368
Unit 15.1 Back-end Engineering 370
16. Annexure 404
Annexure -QR Code-Video Link 405

vii
Par cipant Handbook

viii
1. IT-ITeS/BPM Industry
– An Introduction

Unit 1.1 - Understanding the IT-ITeS Sector

Unit 1.2 - Dynamics and Evolu on of the IT-ITeS Sector
Unit 1.3 - Roles & Responsibili es of Applica on Developer -
Web & Mobile

Bridge Module
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:
1. Explain the relevance of the IT-ITeS sector
2. State the various sub- sectors in the IT-ITeS sector
3. Detail the nature of work performed across the sub- sectors
4. List organiza ons in the sector
5. Discuss the evolu on of the sub sectors and the way forward
6. Explain the disrup ons happening across the IT- ITeS sector

2
 Application Developer-Web & Mobile

UNIT 1.1: Understanding the IT-ITeS Sector

Unit Objectives
At the end of this unit, you will be able to:
1. Explain the relevance of the IT-ITeS sector.
2. State the various sub-sectors in the IT-ITeS sector.
3. Detail the nature of work performed across the sub-sectors.

1.1.1 IT-ITeS Sector

The Informa on Technology (IT) and Informa on Technology Enabled Services (ITeS) sector have played a
pivotal role in propelling India's economic growth.
IT, which stands for informa on technology, encompasses ac vi es related to crea ng, managing,
storing, and exchanging informa on through technology. On the other hand, ITeS, or Informa on
Technology Enabled Services, focuses on leveraging technology to enhance the efficiency of
organiza onal processes.
· IT is the study of the design, management, development, implementa on, and support of
computer-based informa on systems, typically about computer hardware and applica on
so ware.
· ITES is part of IT. ITES Self means IT with enabled services. ITES is the study of outsourced service
which has arisen due to involvement in various fields of IT such as banking and finance, BPO, call
centers, etc.
IT has evolved as a major contributor to India's GDP and plays a vital role in driving growth of the economy
in terms of employment, export promo on, and revenue genera on.

Fig. 1.1.1 IT sector

3
Par cipant Handbook

In FY22, the IT sector contributed 7.4% of India's GDP, and by 2025, it is an cipated to make up 10% of
India's GDP.
According to Na onal Associa on of So ware and Service Companies (NASSCOM), the Indian IT
industry's revenue touched US$ 227 billion in FY22, a 15.5% YoY growth.
Difference between IT and ITeS in terms of their func ons, output, skills, and impact:

Aspect IT (Informa on Technology) ITeS (Informa on Technology

Enabled Services)

Defini on Develops so ware and manages Uses IT to enhance business

tech systems. processes and services.

Core Func ons Focuses on so ware, systems, and Leverages IT for customer support
networks. and non-core func ons.

Nature of Work Creates and maintains so ware and Outsources business processes for
apps. efficiency.

Output Tangibility Produces tangible tech solu ons. Provides intangible services like
improved processes.

Skill Requirements Technical skills in programming and Mix of tech, domain,

systems. communica on skills for services.

Examples So ware development, tech Customer support outsourcing,

consul ng. BPO, data entry services.

Global Compe veness Enhances through tech innova on. Drives efficiency, cost reduc on,
and specialized services.

Rela onship Overlaps as IT o en enables ITeS. -

Economic Impact Contributes to growth, tech export, Enhances efficiency, reduces costs,
jobs. provides employment.

Services offered by the ITES

ITeS offers various services such as medical transac on and coding, e-CRM (Customer Rela onship
Management), data mining and edi ng, electronic publishing, and more.

4
 Application Developer-Web & Mobile

Fig. 1.1.2 ITeS sector

Some other ITES services are listed below.

· KPO (Knowledge Process Outsourcing)

· BPO (Business Process Outsourcing)
· LPO (Legal Process Outsourcing)

· GPO (Game Process Outsourcing)

· Call Centres
· Opera ons at Back Office

· Logis cs Management.
Famous Indian IT-ITES companies

· CMC Limited

· HCL Technologies Limited

· Infosys Technologies Limited

· TCS (Tata Consultancy Services Ltd)

· Tech Mahindra Limited

· NIIT Technologies
Fig. 1.1.3 IT-ITES companies
vantages of ITES
· Through Business Process Outsourcing (BPO), organiza ons can broaden their capabili es,
fostering increased versa lity. BPO is a significant component of ITES.

· The improved organiza onal versa lity in ITES is achieved by accelera ng company processes,
events, and assignments.

5
Par cipant Handbook

· Efficient and advantageous use of chain partners and outsourcing of company processes enhance
the pace of specific company du es and func ons, par cularly in Supply Chain Management
(SCM).

Fig. 1.1.4 Applica on of IT services

1.1.2 BPM Sector

The BPM sector in India has emerged as a key player in the global outsourcing landscape, providing a
range of services like customer support, finance, and HR outsourcing to businesses worldwide.
India's appeal lies in its skilled workforce, cost-effec veness, and robust technological infrastructure.
Major players include TCS, Infosys BPO, Wipro BPM, and Genpact, opera ng globally.

Fig. 1.1.5 BPM sector

6
 Application Developer-Web & Mobile

· Employment and Talent: Significant contributor to Indian employment, drawing on the country's
English-proficient and skilled workforce.

· Technological Landscape: Embracing technologies like RPA, AI, and machine learning to enhance
opera onal capabili es.
Indian government ini a ves support the growth of the IT-ITeS and BPM sectors through policies and
infrastructure development.

Difference between IT-ITeS Sector and BPM Sector:

Aspect IT-ITeS Sector BPM Sector

Focus Diverse IT services and technology Uses IT to enhance business

solu ons. processes and services.

Core Ac vi es So ware development, IT Outsourcing non-core business

infrastructure. processes.

Output Tangible IT solu ons, so ware. Intangible process op miza on

services.

Client Interac on Tech solu ons, system Collabora on for process

development. improvement.

Skill Requirements Technical, programming. Mix of technical and process-

oriented skills.

Examples IT services, so ware development. BPO, customer support

outsourcing.

Global Compe veness Tech innova on, global solu ons. Business efficiency, cost reduc on
globally.

Economic Impact Economic growth, tech innova on. Opera onal efficiency, job
crea on in processes.

1.1.3 Mobile App versus Web Development

Mobile app development and web development are two dis nct but interconnected domains within the
broader field of so ware development.

· Mobile app development involves crea ng applica ons designed to run on mobile devices
powered by iOS or Android.

7
Par cipant Handbook

Fig. 1.1.6 Mobile app development

· On the other hand, web development is the process of building websites and web applica ons
that operate within web browsers. Both of these domains undergo con nuous evolu on.

Fig. 1.1.7 Web app development

8
 Application Developer-Web & Mobile

Difference between Mobile App Development and Web Development:

Basis Mobile App Development Web Development

Mobile applica ons are so ware Web applica ons, on the other hand, can
Defini on programs designed to operate on be accessed through a web browser and
smartphones and tablets. are highly adaptable to various devices.

Build process Companies o en hire developers to HTML5, CSS, and JavaScript can be
create na ve or hybrid mobile apps. combined to create web applica ons.

Compared to full-fledged website

visitors, mobile app users o en
Web apps offer a broader range of
Func onality experience limited func onality, with
func ons compared to mobile apps.
many of these applica ons focusing on
specific goals.

These apps fall into the category of Web apps can provide extensive
Pla orm na ve applica ons, specifically cra ed func onali es, as seen with Adobe
dependency to seamlessly integrate with a mobile Photoshop offering both a mobile app
device's opera ng system (OS). and a web version for users.

Educa on A bachelor's degree in so ware Web apps can provide extensive

engineering, mobile compu ng, func onali es, as seen with Adobe
computer science, mobile applica on Photoshop offering both a mobile app
development, or a related programming and a web version for users.
field is commonly required.

The key dis nc on is that mobile apps

Connec vity Online apps require an ac ve Internet
may frequently func on even when
and Updates connec on for proper func onality.
disconnected.

The average annual income for a Mobile The na onal average compensa on for a
Salary Applica on Developer in the US is Web Developer in the US is $66,593 per
$91,245. year.

iOS developers may use the Swi

programming language, Objec ve-C, Web developers have access to a variety
and the XCode IDE, while Android of languages and frameworks, including
Skills developers can choose Java or Kotlin HTML, JavaScript, Python, PHP, and Ruby.
with the Eclipse IDE. For hybrid apps, Popular frameworks include Laravel and
HTML, JavaScript, and CSS are Rails.
frequently employed languages.

9
Par cipant Handbook

1.1.3 Relevance of the IT-ITeS Sector

The IT-ITeS sector holds cri cal relevance for Applica on Developer - Web & Mobile.

Fig. 1.1.8 Applica on developer – web & mobile

This significance is closely ed to the nature of work and the dynamic requirements within the applica on
development domain:

· Technology Advancements: The IT-ITeS sector is at the forefront of technological advancements.

As an Applica on Developer working in web and mobile applica ons, staying updated with the
latest technologies and trends is crucial for crea ng innova ve and compe ve solu ons.

· Infrastructure and Support: The sector provides the necessary infrastructure and support for
developing robust web and mobile applica ons. This includes access to frameworks, tools, and
pla orms that streamline the development process.

· Global Collabora on: With the IT-ITeS sector facilita ng global collabora on, Applica on
Developers can work seamlessly with diverse teams and clients worldwide. This
interconnectedness enhances the exposure to different markets and user preferences.
· Job Opportuni es and Skill Development: The sector offers abundant job opportuni es for
Applica on Developers, allowing them to con nually enhance their skills. Professionals can
specialize in various aspects of web and mobile development, ensuring a dynamic and evolving
career path.

· Innova on Ecosystem: Within the IT-ITeS sector, there's a thriving innova on ecosystem.
Developers have access to cu ng-edge technologies, collabora ve pla orms, and a community
that encourages experimenta on and the crea on of novel solu ons.
· Digital Transforma on Focus: As businesses undergo digital transforma on, the demand for
skilled Applica on Developers is on the rise. The IT-ITeS sector plays a pivotal role in driving this
transforma on, offering developers the opportunity to be at the forefront of organiza onal
change.

10
 Application Developer-Web & Mobile

· Quality Assurance and Con nuous Improvement: The sector emphasizes quality assurance
processes and methodologies. Applica on Developers benefit from industry standards, best
prac ces, and a culture of con nuous improvement, ensuring the delivery of high-quality web and
mobile applica ons.
· Adaptability to Market Needs: The dynamic nature of the IT-ITeS sector enables Applica on
Developers to adapt quickly to evolving market needs. Whether it's incorpora ng new features or
addressing security concerns, developers can respond effec vely to changes in the industry.

· Global Compe veness in Applica ons: Through the IT-ITeS sector, Applica on Developers
contribute to the global compe veness of businesses. They create applica ons that not only
meet user expecta ons but also align with interna onal standards, posi oning companies on a
global stage.

1.1.4 Sub-Sectors in the IT-ITeS Sector

The IT-ITeS sector holds cri cal relevance for professionals pursuing a career as an "Applica on
Developer - Web & Mobile."

This significance is closely ed to the nature of work and the dynamic requirements within the applica on
development domain:

Sub-Sectors in the IT- Descrip on Descrip on

ITeS Sector

So ware Development Involves crea ng,

maintaining, and upda ng
so ware applica ons.

Web Development Focuses on building and

maintaining websites,
covering both frontend and
backend development.

11
Par cipant Handbook

Mobile App Specialized sub-sector

Development dedicated to crea ng mobile
applica ons.

IT Consul ng Provides expert advice on

technology solu ons,
offering strategic guidance
for development projects.

System Integra on Encompasses integra ng

Services different IT systems and
so ware applica ons.

Cloud Compu ng Provides scalable and

Services flexible compu ng resources
for hos ng and accessing
applica ons.

12
 Application Developer-Web & Mobile

Digital Marke ng Involves strategies and tools

Services for promo ng web and
mobile applica ons.

Cybersecurity Services Focuses on protec ng digital

assets, including secure
development prac ces for
applica ons.

Data Analy cs and Extracts insights from

Business Intelligence applica on-generated data
for informed decision-
making.

IT Infrastructure Involves the maintenance

Management and op miza on of IT
infrastructure suppor ng
applica ons.

13
Par cipant Handbook

1.1.5 Nature of Work performed across the Sub-sectors

The IT-ITeS sector holds cri cal relevance for professionals pursuing a career as an "Applica on
Developer - Web & Mobile."
· So ware Development: Crea ng, maintaining, and upda ng so ware applica ons, coding,
tes ng, and debugging.

· Web Development: Building and maintaining websites, involving frontend development for user
interfaces and backend development for server-side func onali es.
· Mobile App Development: Designing and developing applica ons for mobile devices, including
iOS and Android pla orms.

· IT Consul ng: Providing expert advice on technology solu ons, conduc ng assessments, and
offering strategic guidance for technology implementa ons.
· System Integra on Services: Integra ng different IT systems and so ware applica ons to ensure
seamless communica on and func onality.

· Cloud Compu ng Services: Offering scalable and flexible compu ng resources, including
infrastructure as a service (IaaS) and pla orm as a service (PaaS).

· Digital Marke ng Services: Developing strategies and using tools to promote web and mobile
applica ons, enhancing online visibility.
· Cybersecurity Services: Protec ng digital assets, securing applica ons through measures like
encryp on, authen ca on, and vulnerability assessments.

· Data Analy cs and Business Intelligence: Extrac ng, analyzing, and interpre ng data generated
by applica ons for informed decision-making and business insights.
· IT Infrastructure Management: Maintaining and op mizing IT infrastructure, ensuring the
smooth opera on of servers, networks, and other components suppor ng applica ons.

Fig. 1.1.9 Applica on development for web and mobile

14
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/cOtKswmP2NY
About IT-ITeS Sector

15
Par cipant Handbook

UNIT 1.2: Dynamics and Evolu on of the IT-ITeS Sector

Unit Objectives
At the end of this unit, you will be able to:
1. List organiza ons in the sector.
2. Discuss the evolu on of the sub-sectors and the way forward.
3. Explain the disrup ons happening across the IT-ITeS sector.

1.2.1 Organiza ons in the IT-ITeS Sector

in the dynamic realm of Informa on Technology and IT-enabled Services (IT-ITeS), a myriad of
organiza ons spearheads innova ons, drive technological advancements, and offer comprehensive
solu ons.

Fig. 10.2.1 IT-ITeS sector

Here are some well-known organiza ons in the IT-ITeS sector:

Organiza on Type of Work in IT-ITeS Sector

Tata Consultancy Services

So ware development, IT consul ng, business solu ons.
(TCS)

Infosys Limited IT services, consul ng, business process outsourcing (BPO).

16
 Application Developer-Web & Mobile

Wipro Limited IT services, consul ng, technology solu ons.

HCL Technologies IT services, so ware development, infrastructure

management.

Cognizant Technology IT consul ng, technology services, business process

Solu ons outsourcing.

IT services, telecommunica ons, business process

Tech Mahindra
outsourcing.

Accenture IT consul ng, technology services, outsourcing.

Capgemini IT services, consul ng, technology solu ons.

IBM (Interna onal

IT services, so ware, hardware, cogni ve solu ons.
Business Machines)

Oracle Corpora on Database management, cloud services, enterprise so ware.

Microso Corpora on So ware development, cloud services, hardware.

Amazon Web Services Cloud compu ng services, infrastructure as a service (IaaS).

(AWS)

Google LLC Internet services, cloud compu ng, so ware development.

Intel Corpora on Semiconductor manufacturing, hardware, technology

solu ons.

Cisco Systems, Inc. Networking hardware, so ware, telecommunica ons.

17
Par cipant Handbook

1.2.2 Evolu on of Sub-sectors and related Innova ons

As the IT-ITeS sector evolves, a proac ve approach towards adop ng emerging technologies, ensuring
cybersecurity, and enhancing user experiences will be cri cal for sustained growth and relevance in the
digital era. The sector is poised to play a pivotal role in shaping the technological landscape, driving
innova on across industries and contribu ng to the global digital transforma on journey.

Fig. 11.2.2 IT-ITeS sub-sectors

Sub-Sector Evolu on Innova on

Embracing microservices,
So ware From tradi onal methodologies to containeriza on, and con nuous
Development agile and DevOps prac ces. integra on for efficient and scalable
applica ons.

Web Development Transi on from sta c websites to Integra on of progressive web app
dynamic, responsive web (PWA) technologies, emphasizing user
applica ons. experience and cross-pla orm
compa bility.

Advancements from na ve app Embracing Flu er, React Na ve, and

Mobile App
development to cross-pla orm Swi UI for efficient and unified mobile
Development
frameworks. app development.

IT Consul ng Shi from tradi onal consul ng to Integra on of emerging technologies

strategic digital transforma on like AI, blockchain, and IoT into
consul ng. consul ng services.

18
 Application Developer-Web & Mobile

System Integra on Evolving from manual integra on Adop on of API-first approaches and
Services to automated and cloud-based hybrid cloud solu ons for seamless
integra ons. system integra on.

Cloud Compu ng Transi on from on-premise Advancements in serverless compu ng,

Services infrastructure to scalable cloud edge compu ng, and AI-driven cloud
solu ons. services.

Digital Marke ng From tradi onal marke ng to U liza on of AI, machine learning, and
Services data-driven, targeted digital analy cs for personalized marke ng
marke ng strategies. campaigns.

Responding to evolving cyber Integra on of AI and machine learning

Cybersecurity
threats with advanced threat for proac ve threat intelligence and
Services
detec on and preven on. automated security responses.

Data Analy cs and From basic repor ng to advanced Leveraging big data technologies, AI-
Business analy cs and real- me insights. driven analy cs, and predic ve
Intelligence modeling for ac onable intelligence.

The Way Forward:

Key Focus Areas Future Outlook

Con nued integra on of AI, machine learning,

Integra on of Emerging
blockchain, and IoT to enhance the capabili es of IT-ITeS
Technologies
solu ons.

Heightened emphasis on cybersecurity measures to

Focus on Cybersecurity
address evolving threats and safeguard digital assets.

Con nuous efforts to improve user experience through

Enhanced User
innova ve UI/UX design, accessibility, and personalized
Experience
interac ons.

Remote Work Further development of technologies suppor ng remote

Enablement work, emphasizing collabora on tools, security, and
virtualiza on.

Green IT Ini a ves Growing commitment to sustainability with eco-friendly

prac ces, energy-efficient technologies, and green data
center ini a ves.

Heightened focus on data privacy, compliance with

Data Privacy and
regula ons (such as GDPR), and ethical handling of user
Compliance
data.

19
Par cipant Handbook

Increased adop on of edge compu ng for faster

Edge Compu ng
processing and reduced latency, especially in
Expansion
applica ons like IoT and real- me analy cs.

Con nuous Innova on Ongoing evolu on of cloud services, including

in Cloud Services advancements in serverless compu ng, edge compu ng,
and mul -cloud strategies.

1.2.3 Disrup ons in the IT-ITeS Sector

Naviga ng these disrup ons requires adaptability, con nuous learning, and strategic planning. The IT-
ITeS sector's future hinges on effec vely leveraging these changes to drive innova on, deliver value, and
contribute to the evolving digital landscape.

Fig. 12.2.3 AI in automa on

· Emergence of AI and Automa on:

o Disrup on: Increasing adop on of Ar ficial Intelligence (AI) and automa on technologies
transforming tradi onal processes.
o Impact: Redefining job roles, enhancing efficiency, and enabling intelligent decision-
making.

· Shi to Cloud Compu ng:

o Disrup on: Widespread adop on of cloud compu ng, replacing tradi onal on-premise
infrastructure.

20
 Application Developer-Web & Mobile

o Impact: Increased scalability, flexibility, and cost-effec veness, transforming how IT

services are delivered.
· Remote Work Revolu on:

o Disrup on: Accelerated shi towards remote work driven by technological advancements
and global events.
o Impact: Redefining workplace dynamics, emphasizing digital collabora on tools, and
reshaping talent acquisi on strategies.

· Cybersecurity Challenges:
o Disrup on: Escala on of cyber threats and a acks, demanding advanced cybersecurity
measures.

o Impact: Increased focus on robust security prac ces, threat intelligence, and the
development of resilient cybersecurity frameworks.
· Evolu on of DevOps and Con nuous Integra on:

o Disrup on: Integra on of DevOps prac ces and con nuous integra on, changing so ware
development lifecycles.
o Impact: Accelerated development cycles, improved collabora on, and enhanced so ware
quality.

· Blockchain Integra on:

o Disrup on: Growing adop on of blockchain technology for secure and transparent
transac ons.

o Impact: Transforming industries like finance, supply chain, and healthcare with
decentralized and tamper-resistant systems.

Fig. 13.2.4 Blockchain integra on

21
Par cipant Handbook

· Data Privacy and Compliance:

o Disrup on: Heightened focus on data privacy regula ons (e.g., GDPR) and compliance
requirements.

o Impact: Increased emphasis on ethical data handling, transparency, and the need for
robust compliance frameworks.
· Rise of Low-Code and No-Code Pla orms:

o Disrup on: Emergence of low-code and no-code development pla orms empowering
non-developers to create applica ons.
o Impact: Accelera ng applica on development, reducing dependence on coding exper se,
and democra zing so ware crea on.

· Growth of Edge Compu ng:

o Disrup on: Expansion of edge compu ng for decentralized processing and reduced
latency.

o Impact: Improved real- me data processing, par cularly beneficial for IoT applica ons.
· Digital Transforma on Impera ve:
o Disrup on: Increasing need for organiza ons to undergo digital transforma on to stay
compe ve.

o ·mpact: Accelerated adop on of advanced technologies, redefined business models, and

emphasis on customer-centric strategies.

· Focus on Sustainability:

o Disrup on: Growing awareness and commitment to sustainable and eco-friendly IT

prac ces.
o Impact: Green IT ini a ves, energy-efficient data centers, and sustainable technology
solu ons.

· Evolving Business Models:

o Disrup on: Shi ing from tradi onal outsourcing models to outcome-based, collabora ve
partnerships.

o Impact: Enhanced value delivery, increased client engagement, and a focus on co-
innova on.

1.2.4 Dynamics and Evolu on in Web and Mobile App

Development
These dynamics and evolu onary trends reflect the con nuous adapta on and innova on within the
IT-ITeS sector, shaping the landscape of web and mobile app development. Staying abreast of these
changes is essen al for professionals to deliver cu ng-edge solu ons in this dynamic industry.

22
 Application Developer-Web & Mobile

Fig. 14.2.5 Web and mobile app development

Aspect Dynamics Evolu on

Shi from sequen al development to

Agile Rapid adop on of agile
itera ve, flexible processes for quicker and
Development methodologies.
adap ve project delivery.

User-Centric Increasing emphasis on user Transi on from feature-driven to user-

Design experience (UX) design. centered design, priori zing user needs and
feedback.

Rise of cross-pla orm frameworks (e.g., React

Cross-Pla orm Growing demand for apps
Na ve, Flu er) for unified development across
Development across various pla orms.
mul ple devices.

Integra on of PWA features, like offline

Progressive Web Surge in popularity of
func onality and push no fica ons, into web-
Apps (PWAs) Progressive Web Apps.
based applica ons.

Microservices Adop on of microservices for Transi on from monolithic to microservices

Architecture modular applica on architecture, enabling scalability and easier
development. maintenance.

DevOps Increased integra on of Con nuous integra on and delivery (CI/CD)

Integra on DevOps prac ces. pipelines for automated tes ng, deployment,
and collabora on.

Low-Code and Rise in the use of low-code Empowering non-developers for applica on
No-Code and no-code pla orms. crea on, accelera ng development cycles.
Development

Incorpora on of AI for Use of AI for personaliza on, predic ve

AI Integra on
intelligent features. analy cs, and enhanced user interac ons.

23
Par cipant Handbook

Implementa on of robust security measures,

Security-First Growing concerns about
including encryp on and secure coding
Approach cybersecurity.
prac ces.

Cloud-Na ve Shi towards cloud-na ve Designing applica ons op mized for cloud
Development architecture. environments, promo ng scalability and
flexibility.

Con nuous Ongoing need for skill Emphasis on con nuous learning to keep up
Learning development. with emerging technologies and industry
trends.

Sustainability in Increasing focus on eco- Integra on of sustainable coding and

Development friendly prac ces. development prac ces to minimize
environmental impact.

24
 Application Developer-Web & Mobile

Notes

25
Par cipant Handbook

UNIT 1.3: Roles & Responsibili es of Applica on Developer -

Web & Mobile

Unit Objectives
At the end of this unit, you will be able to:
1. Explain the Roles & Responsibili es of "Applica on Developer - Web & Mobile".

1.3.1 Roles & Responsibili es of "Applica on Developer -

Web & Mobile"
'Applica on Developer - Web & Mobile' are responsible for the design and development and
maintenance of web-based and mobile based applica on. They manage applica on lifecycles and ensure
the processes for con nuous integra on and delivery.

Fig. 15.3.1 Applica on developer – web & mobile

Individuals in this role must work and collaborate with various stakeholders involved in the development
of web-based or mobile-based applica ons and solu ons. They must be able to communicate and build
rela onships with others and con nuously develop their knowledge and analy cal abili es.
Roles & Responsibili es:
· Design and Development:
o Create and implement so ware solu ons for web and mobile pla orms.
o Develop user interfaces, features, and func onali es based on project requirements.
· Coding and Programming:
o Write clean, efficient, and maintainable code using relevant programming languages.
o Debug and troubleshoot issues to ensure op mal performance.

26
 Application Developer-Web & Mobile

· Pla orm Exper se:

o Stay updated on the latest trends and technologies in web and mobile development.
o Specialize in either web or mobile pla orms or possess exper se in both.
· Collabora on:
o Collaborate with cross-func onal teams, including UX/UI designers, product managers,
and other developers.
o Par cipate in code reviews to maintain code quality and standards.
· Tes ng and Quality Assurance:
o Conduct thorough tes ng of applica ons to iden fy and resolve bugs and issues.
o Ensure applica ons meet quality standards and user requirements.
· Documenta on:
o Generate and uphold technical documenta on for reference and knowledge
dissemina on.
o Document code changes, processes, and applica on features.
· Con nuous Improvement:
o Engage in con nuous learning to stay updated on emerging technologies.
o Seek opportuni es to enhance development skills and adopt best prac ces.
· Project Management:
o Contribute to project planning, es ma on, and meline management.
o Communicate effec vely with stakeholders on project progress.

1.3.2 Do's and Don'ts for an "Applica on Developer -

Web & Mobile"
'Applica on Developer - Web & Mobile' needs to adhere the below:

Do's: Fig. 16.3.2 Do's and don'ts for applica on developer

· Do Collaborate: Collaborate with team members for effec ve problem-solving and innova ve

27
Par cipant Handbook

solu ons.
· Do Stay Updated: Keep up with the latest industry trends, tools, and technologies.
· Do Follow Best Prac ces: Adhere to coding standards, best prac ces, and development
methodologies.
· Do Test Thoroughly: Conduct comprehensive tes ng to ensure robust and error-free applica ons.
· Do Document: Maintain clear and concise documenta on for code and project-related ac vi es.
Don'ts:
· Don't Ignore Code Quality: Avoid compromising on code quality for quick solu ons.
· Don't Overlook Security: Never overlook security considera ons; priori ze secure coding
prac ces.
· Don't Skip Tes ng: Avoid deploying applica ons without thorough tes ng.
· Don't Work in Isola on: Avoid working in isola on; foster communica on and collabora on.
· Don't Resist Change: Embrace change and new technologies; resist the urge to s ck solely to
familiar tools.

1.3.3 Personal A ributes of an "Applica on Developer -

Web & Mobile"
'Applica on Developer - Web & Mobile' should possess followings:
· Communica on Skills: Facilita ng clear and efficient communica on with team members and
stakeholders.
· Analy cal Abili es: Strong problem-solving and analy cal skills.
· Adaptability: Ability to adapt to evolving technologies and project requirements.
· A en on to Detail: Me culous a en on to detail for bug-free and efficient code.
· Team Player: Collabora ve mind-set and ability to work well in a team.
· Con nuous Learner: Eagerness to learn and stay updated on industry advancements.

Fig. 17.3.3 Personal a ributes required for occupa on

28
 Application Developer-Web & Mobile

1.3.4 Career Opportuni es of an "Applica on Developer -

Web & Mobile"
'Applica on Developer - Web & Mobile' may have these op ons for pursuing their career:

· Full Stack Developer: Develop exper se in both front-end and back-end technologies.

· Mobile App Developer: Specialize in mobile applica on development for iOS or Android.
· UI/UX Developer: Focus on crea ng visually appealing and user-friendly interfaces.
· DevOps Engineer: Get involved in con nuous integra on, deployment, and automa on.

· Technical Lead/Architect: Progress to a leadership role, guiding development teams and shaping
technical strategies.

Fig. 18.3.4 Career opportunity

As an "Applica on Developer - Web & Mobile," embracing these roles and responsibili es, adhering to
best prac ces, and cul va ng personal a ributes can pave the way for a successful and rewarding career
with various growth opportuni es in the IT-ITeS sector.

29
Par cipant Handbook

Exercise
Answer the following ques ons:
Short Ques ons:
1. Why is the relevance of the IT-ITeS sector crucial in the contemporary business landscape?

2. Can you iden fy two sub-sectors within the broader IT-ITeS industry?
3. Briefly describe the nature of work performed across different sub-sectors in the IT-ITeS domain.
4. Name one organiza on opera ng in the IT-ITeS sector that has gained prominence.

5. How does the evolu on of sub-sectors contribute to the sector's adaptability and growth?
Fill-in-the-Blanks:
1. The IT-ITeS sector plays a vital role in ____________, powering various industries with
technological solu ons.
a) Isola on
b) Digital Transforma on
2. _________ and _________ are two prominent sub-sectors within the expansive IT-ITeS industry.
a) Healthcare, Agriculture
b) So ware Development, Business Process Management
3. The nature of work in IT-ITeS sub-sectors ranges from so ware development to __________.
a) Fashion Design
b) Data Analy cs
4. _________ and _________ are organiza ons that have made significant contribu ons to the IT-
ITeS sector.
a) ABC Corpora on, XYZ Innova ons
b) Tech Solu ons Ltd, Global Services Inc.
5. The evolu on of IT-ITeS sub-sectors involves adap ng to emerging technologies and __________.
a) Stagna on
b) Industry Trends

True/False Ques ons:

1. The IT-ITeS sector is isolated from the advancements in other industries.

2. So ware Development and Business Process Management are not sub-sectors within the IT-ITeS
industry.
3. The nature of work in IT-ITeS sub-sectors is limited to so ware development only.
4. Organiza ons like Tech Solu ons Ltd and Global Services Inc. are not associated with the IT-ITeS
sector.

5. The evolu on of sub-sectors in the IT-ITeS industry is not influenced by industry trends and
technological advancements.

30
 Application Developer-Web & Mobile

Notes

31
Par cipant Handbook

32
2. Future Skills – An
Introduction

Unit 2.1 - Overview of the Future Skills Sub-Sector

Bridge Module
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:
1. Provide an overview of the Future Skills sub-sector
2. Explain the various occupa ons under this sub- sector
3. List key trends across the occupa ons in this sub- sector
4. List various roles in the Future Skills sub-sector

34
 Application Developer-Web & Mobile

UNIT 2.1: Overview of the Future Skills Sub-Sector

Unit Objectives
At the end of this unit, you will be able to:
1. Describe the Future Skills sub-sector.
2. Explain diverse occupa ons within the sub-sector.
3. Iden fy and categorize trends across sub-sector occupa ons.
4. Enlist roles in the Future Skills sub-sector.

2.1.1 Future Skills Sub-sector

Future skills encompass the array of competencies, capabili es, and knowledge projected to be highly
sought-a er in the forthcoming job market. These skills are an cipated to assist individuals in naviga ng
the swi ly changing technological, economic, and social landscape of the future.

Fig. 2.1.1 Future skills

NASSCOM (Na onal Associa on of So ware and Service Companies) is an industry associa on in India
with a focus on the IT-BPM (Informa on Technology-Business Process Management) sector.
Opera ng under NASSCOM, a Skills of the Future Workgroup
was established, featuring industry representa ves, to
comprehend the repercussions of technological disrup ons.
Led by BCG (Boston Consul ng Group), a study was conducted
to delineate future skilling and reskilling ini a ves capable of
addressing the digital disrup on wave. The research iden fied
technologies poised for substan al growth, associated job
roles, and the requisite skills for those technologies.
FutureSkills is dedicated to 155+ skills across 70+ job roles
spanning 10 emerging technologies, including Ar ficial
Intelligence, Blockchain, Big Data Analy cs, Cloud Compu ng, Fig. 2.1.2 NASSCOM

35
Par cipant Handbook

Cyber Security, Internet of Things, Mobile Tech, Robo c Process Automa on, Virtual Reality, and 3D
Prin ng.
FutureSkills Prime, India's Technology Skilling Hub, is a collabora ve effort by NASSCOM and MeitY,
aiming to transform India into a Digital Talent Na on.

FutureSkills Prime serves as an innova ve and progressive ecosystem, equipping learners with cu ng-
edge skills crucial in today's rapidly evolving digital landscape.
With NASSCOM as the driving force, the IT-ITeS industry has risen to the occasion through the FutureSkills
Ini a ve – an industry-driven learning ecosystem..

Fig. 2.1.3 FutureSkills prime

2.1.2 Diverse Occupa ons within Future Skills Sub-sector

The diverse occupa ons within the Future Skills sub-sector encompass a wide range of roles that are
essen al for addressing the evolving demands of the digital landscape. These occupa ons reflect the
need for a mul dimensional skill set that goes beyond tradi onal job roles.

Some examples of diverse occupa ons within the Future Skills sub-sector may include:
· Data Analysts: Responsible for analyzing and interpre ng complex data sets to derive meaningful
insights, suppor ng informed decision-making.

· Cybersecurity Specialists: Focus on safeguarding digital systems, networks, and data from cyber
threats, ensuring the security and integrity of informa on.
· User Experience (UX) Designers: Design and enhance the overall user experience of digital
products, ensuring they are intui ve, user-friendly, and align with user expecta ons.

36
 Application Developer-Web & Mobile

· Ar ficial Intelligence (AI) Engineers: Develop and implement AI algorithms and solu ons,
leveraging machine learning and data science to create intelligent applica ons.
· Cloud Architects: Design and manage cloud infrastructure, enabling organiza ons to leverage
cloud services for scalability, flexibility, and efficiency.

· Digital Marke ng Specialists: Employ digital channels and strategies to promote products or
services, u lizing analy cs to op mize marke ng campaigns.
· Augmented Reality (AR) and Virtual Reality (VR) Developers: Create immersive digital
experiences using AR and VR technologies, applicable in diverse fields such as gaming, educa on,
and healthcare.
· Blockchain Developers: Work on developing secure and transparent blockchain-based solu ons
for applica ons like secure transac ons and smart contracts.

· DevOps Engineers: Bridge the gap between development and opera ons, focusing on
collabora on, automa on, and con nuous improvement in the so ware development lifecycle.
· Content Creators and Managers: Develop and manage digital content for various pla orms,
including websites, social media, and other online channels.
· Robo c Process Automa on (RPA) Specialists: Implement automa on solu ons using RPA
technologies to streamline and op mize repe ve business processes.

· IoT (Internet of Things) Specialists: Design and implement solu ons involving interconnected
devices, contribu ng to the development of smart and interconnected systems.

Fig. 2.1.4 Diverse occupa ons in futureskills

37
Par cipant Handbook

These occupa ons highlight the interdisciplinary nature of the Future Skills sub-sector, where
professionals need a combina on of technical, analy cal, crea ve, and collabora ve skills to excel in their
roles. The diversity of occupa ons underscores the need for a versa le workforce capable of addressing
the mul faceted challenges of the digital era.

2.1.3 Iden fying and Categorizing Trends across Sub-sector

Occupa ons in Future Skills Domain
Iden fying and categorizing trends across sub-sector occupa ons in the Future Skills domain involves
recognizing pa erns and shi s that influence the nature of work and skill requirements.
Here are some overarching trends:

Fig. 2.1.5 Occupa ons in sub-sectora

Trend Descrip on Impact on Occupa ons

Increasing integra on of
Evolving roles to incorporate collabora on with
Automa on and AI automa on and AI
intelligent technologies, requiring skills in AI,
Integra on technologies across
machine learning, and algorithm development.
occupa ons.

Demand for digital communica on, virtual

Remote Work and Accelerated adop on of
collabora on, and project management skills,
Digital remote work and digital
reshaping the way professionals work and
Collabora on collabora on tools.
collaborate.

38
 Application Developer-Web & Mobile

Data-Driven Growing emphasis on Increased demand for data analy cs and

Decision-Making data-driven decision- interpreta on skills across occupa ons,
making. enabling informed and strategic decision-
making.

Cybersecurity Heightened focus on Rising demand for cybersecurity specialists

Emphasis cybersecurity measures. across occupa ons to ensure the security and
protec on of digital assets and informa on.

Con nual Learning Con nuous need for Professionals expected to engage in ongoing
and Upskilling upskilling and learning. learning to adapt to emerging technologies,
promo ng a culture of lifelong learning.

Human-Centric Emphasis on human- Increased importance of UX/UI design skills

Design centric design principles. across occupa ons to enhance user experiences
and ensure user-centric product development.

Sustainable Growing focus on Integra on of eco-friendly prac ces, leading to

Prac ces sustainability in demand for professionals with skills in
technology and business sustainable development and green
prac ces. technologies.

Rise of Gig Increasing par cipa on in Crea on of flexible work opportuni es,
Economy the gig economy. requiring individuals to possess entrepreneurial
skills, self-management, and adaptability.

Augmented and Growing adop on of Demand for specialists in AR and VR

Virtual Reality augmented and virtual development across various industries,
Adop on reality technologies. influencing how products and services are
experienced.

Blockchain Expanding applica ons of Increased demand for blockchain developers

Applica ons blockchain technology. and specialists in areas such as secure
transac ons, supply chain management, and
smart contracts.

Globaliza on and Enhanced globaliza on Increased importance of global awareness,

Cross-Cultural and cross-cultural communica on, and cultural intelligence skills
Collabora on collabora on. across occupa ons for effec ve collabora on.

Categorizing these trends provides a framework for understanding the evolving landscape of Future Skills
sub-sector occupa ons, guiding individuals and organiza ons in preparing for the demands of the digital
era.

39
Par cipant Handbook

2.1.4 Roles in the Future Skills Sub-sector

Roles in the Future Skills sub-sector highlight the diverse skill set required, ranging from technical
exper se in emerging technologies to crea ve and strategic capabili es essen al for success in the digital
era.

Fig. 2.1.6 Future skills sub-sector

Role Descrip on

Analyze and interpret complex data sets to derive

Data Analysts meaningful insights, suppor ng informed decision-
making.

Focus on safeguarding digital systems, networks, and data

Cybersecurity
from cyber threats, ensuring the security and integrity of
Specialists
informa on.

User Experience Design and enhance the overall user experience of digital
(UX) Designers products, ensuring they are intui ve, user-friendly, and
align with user expecta ons.

Develop and implement AI algorithms and solu ons,

Ar ficial Intelligence
leveraging machine learning and data science to create
(AI) Engineers
intelligent applica ons.

Design and manage cloud infrastructure, enabling

Cloud Architects organiza ons to leverage cloud services for scalability,
flexibility, and efficiency.

40
 Application Developer-Web & Mobile

Employ digital channels and strategies to promote

Digital Marke ng
products or services, u lizing analy cs to op mize
Specialists
marke ng campaigns.

Create immersive digital experiences using AR and VR

AR and VR
technologies, applicable in diverse fields such as gaming,
Developers
educa on, and healthcare.

Work on developing secure and transparent blockchain-

Blockchain
based solu ons for applica ons like secure transac ons
Developers
and smart contracts.

Bridge the gap between development and opera ons,

DevOps Engineers focusing on collabora on, automa on, and con nuous
improvement in the so ware development lifecycle.

Develop and manage digital content for various pla orms,

Content Creators
including websites, social media, and other online
and Managers
channels.

RPA Specialists Implement automa on solu ons using RPA technologies

to streamline and op mize repe ve business processes.

Design and implement solu ons involving interconnected

IoT Specialists devices, contribu ng to the development of smart and
interconnected systems.

41
Par cipant Handbook

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the primary focus of the Future Skills sub-sector?
2. Can you name one occupa on under the Future Skills sub-sector that involves interpre ng
complex data sets?
3. Why is understanding key trends crucial in the Future Skills sub-sector?
4. How does the Future Skills sub-sector contribute to adap ng to an evolving technological
landscape?
5. Briefly describe the role of User Experience (UX) Designers in the Future Skills sub-sector. the
sector's adaptability and growth?

Fill-in-the-Blanks:
1. The Future Skills sub-sector is dedicated to preparing individuals for success in the __________
era.
a) Tradi onal
b) Digital
2. _________ and _________ are examples of occupa ons within the Future Skills sub-sector.
a) Ar sans, Farmers
b) Data Analysts, Cybersecurity Specialists
3. Understanding key trends is crucial in the Future Skills sub-sector to stay ahead of __________.
a) Past Prac ces
b) Industry Developments
4. Various roles in the Future Skills sub-sector include Data Analysts, Cybersecurity Specialists, and
__________.
a) Architects
b) User Experience (UX) Designers
5. User Experience (UX) Designers play a pivotal role in ensuring that digital products are
__________ and align with user expecta ons.
a) Complex
b) Intui ve

True/False Ques ons:

1. The Future Skills sub-sector is focused solely on tradi onal skill sets.
2. Data Analysts and Cybersecurity Specialists are not occupa ons within the Future Skills sub-
sector.

3. Understanding key trends is not important in staying compe ve in the Future Skills sub-sector.
4. User Experience (UX) Designers are not involved in shaping the overall user experience of digital
products in the Future Skills sub-sector.

5. The Future Skills sub-sector is not influenced by the need for adaptability in an ever-changing
technological landscape.

42
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/dXpsS3V7HXg
Overview of Future Skills And Cyber Security

43
Par cipant Handbook

44
3. Web Technology –
An Introduction

Unit 3.1 - Fundamentals of Web Technology

Bridge Module
 Application Developer-Web & Mobile

Key Learning Outcomes

At the end of this module, you will be able to:
1. Define the terms “Internet” and “Web technology”
2. Provide an overview of different components of the internet
3. Discuss the evolving informa on technology landscape and the importance and relevance of Web
technologies

4. State the key business drivers for adop on of web technologies

5. Discuss the different types of web technologies

6. Analyze different use cases and applica ons of web technologies and their applica ons across
industries

46
Par cipant Handbook

UNIT 3.1: Fundamentals of Web Technology

Unit Objectives
At the end of this unit, you will be able to:
1. Define the terms “Internet” and “Web technology”

2. Provide an overview of different components of the internet

3. Discuss the evolving informa on technology landscape and the importance and relevance of Web
technologies

4. State the key business drivers for adop on of web technologies

5. Discuss the different types of web technologies

6. Analyze different use cases and applica ons of web technologies and their applica ons across
industries

3.1.1 Concepts of Internet and Web Technology

Understanding and ar cula ng the fundamental concepts of the Internet and Web technology is essen al
in the context of applica on development.

Fig 3.1.1 Internet and web technology

Internet:
The Internet is a global network that connects millions of computers and devices worldwide.

It operates on a set of protocols, including TCP/IP, enabling the exchange of informa on through
standardized communica on methods.
In applica on development, the Internet serves as the infrastructure that facilitates the communica on

47
 Application Developer-Web & Mobile

between users and servers.

It provides the founda on for web-based applica ons to operate seamlessly across different devices and
pla orms.

Fig 3.1.2 How TCP/IP work

Web Technology:
Web technology refers to the tools, protocols, and languages used to create, deliver, and interact with
content on the World Wide Web. This encompasses a wide range of technologies, including HTML, CSS,
JavaScript, and various frameworks.
In the context of applica on development, web technology is the cornerstone for building interac ve and
dynamic web applica ons. It enables developers to design user interfaces, manage data exchange, and
create responsive and engaging user experiences.

Dis nguishing Between Internet and Web Technology:

While the Internet is the global network connec ng computers and devices, web technology specifically
focuses on the tools and protocols used for crea ng and interac ng with content on the World Wide Web.

Fig 3.1.3 World Wide Web

48
Par cipant Handbook

Internet protocols provide the infrastructure for data transmission, and web technology u lizes these
protocols to enable the crea on and func onality of web applica ons.
Applica on development on the Internet involves leveraging web technologies to design, build, and
deploy so ware that can be accessed and u lized through web browsers.

3.1.2 Understanding the Internet's Components

Exploring the intricacies of the Internet involves delving into its fundamental components, each playing a
crucial role in global connec vity and informa on exchange. In the realm of applica on development, a
comprehensive overview of these components becomes the cornerstone for cra ing efficient and
effec ve digital solu ons.

Fig 3.1.4 Internet's components

Components of the Internet:

· Servers: Servers, the backbone of the Internet, store and manage data, responding to client
requests and facilita ng the delivery of web-based services.
· Protocols: Internet protocols, notably TCP/IP, govern the standardized rules for data exchange,
ensuring reliable communica on across the vast network.

· Routers and Switches: Routers and switches facilitate data flow within networks, connec ng
devices and managing traffic to enable seamless communica on.
· Domain Name System (DNS): The DNS translates human-readable domain names into IP
addresses, enabling users to access websites using recognizable names.

· Firewalls: Firewalls act as security barriers, monitoring and controlling network traffic to
safeguard against unauthorized access and cyber threats.

49
 Application Developer-Web & Mobile

· Internet Service Providers (ISPs): ISPs provide users with access to the Internet, connec ng them
to the global network through various technologies.
· Browsers: Web browsers interpret HTML, CSS, and JavaScript, allowing users to access and
interact with content on the Internet.

· Cables and Transmission Media: Physical infrastructure, including fiber-op c cables, forms the
basis for transmi ng data globally, ensuring robust connec vity.
Equipping developers with a nuanced understanding of these components empowers them to navigate
the intricacies of the Internet, op mizing their approach to applica on development for enhanced
performance and security.

3.1.3 Evolving Informa on Technology Landscape and the

Significance of Web Technologies
The relentless evolu on of the informa on technology (IT) landscape has profoundly shaped the way
socie es operate and interact. In this dynamic environment, the importance and relevance of web
technologies emerge as pivotal elements, influencing how businesses, individuals, and communi es
engage with the digital world.

Fig 3.1.1 Internet and web technology

50
Par cipant Handbook

Evolving IT Landscape:
The IT landscape has undergone remarkable transforma ons, marked by the following key
developments:

· Shi Towards Digitaliza on: Organiza ons and individuals have increasingly embraced digital
pla orms, transi oning from tradi onal modes of opera on to digitally-driven processes.
· Rise of Cloud Compu ng: Cloud compu ng has emerged as a game-changer, offering scalable and
flexible solu ons for data storage, processing, and applica on deployment.

· Mobile Revolu on: The prolifera on of smartphones and mobile devices has created a mobile-
first approach, influencing how people access informa on and use applica ons.
· Data Explosion and Analy cs: The exponen al growth of data has led to a greater emphasis on
data analy cs, providing valuable insights for informed decision-making.
Importance and Relevance of Web Technologies:
Web technologies play a central role in this evolving landscape, offering several key contribu ons:

· Global Connec vity: Web technologies enable global connec vity, allowing users to access
informa on, services, and applica ons from virtually anywhere with an internet connec on.
· Interac ve User Experiences: The emphasis on user experience (UX) design within web
technologies ensures the crea on of interac ve and engaging interfaces, enhancing user
sa sfac on.
· Cross-Pla orm Compa bility: Web technologies provide the founda on for cross-pla orm
compa bility, allowing applica ons to run seamlessly on various devices and opera ng systems.

· Facilita on of E-Commerce: E-commerce thrives on web technologies, providing businesses with

the pla orm to reach a global audience, conduct transac ons, and offer personalized experiences.
· Support for Rapid Development: Web development frameworks and tools facilitate rapid
applica on development, enabling businesses to respond swi ly to changing market demands.

In conclusion, the evolving IT landscape underscores the indispensable role of web technologies in driving
innova on, connec vity, and accessibility. As the digital era con nues to unfold, the adaptability and
relevance of web technologies will remain paramount, shaping the future of informa on technology and
influencing the way we live, work, and interact.

3.1.4 Key Business Drivers for Adop on of Web Technologies

As businesses navigate the digital landscape, the adop on of web technologies has become impera ve
for staying compe ve and mee ng evolving consumer expecta ons.

51
 Application Developer-Web & Mobile

Fig 3.1.6 Adop on of web technologies

Several key drivers propel organiza ons toward embracing web technologies to enhance their opera ons
and strategic ini a ves.

Key Business Drivers for Adop on of

Impact
Web Technologies

Expanded market reach, increased brand visibility,

1. Global Reach and Accessibility customer engagement, and poten al for global
business expansion.

2. Enhanced User Experience (UX) Improved UX leading to customer sa sfac on,

loyalty, and posi ve brand percep on, transla ng
into increased reten on and acquisi on.

3. E-Commerce and Online Sales Increased revenue streams, expanded customer

base, and the ability to operate 24/7, contribu ng
to the growth of online sales channels.

Enhanced accessibility ensuring a consistent user

4. Cross-Pla orm Compa bility experience across desktops, laptops, tablets, and
smartphones, broadening audience reach.

52
Par cipant Handbook

Quick response to market changes, rapid

deployment of new features, staying ahead of
5. Agility and Rapid Development
compe tors, fostering innova on, and
adaptability.

Empowerment for informed decision-making,

strategic planning, op miza on of business
6. Data-driven Decision-Making
processes, and iden fica on of market trends and
opportuni es.

7. Cost-effec veness and Scalability Reduced development costs and scalable

infrastructure contribu ng to opera onal
efficiency, enabling alignment of technology
expenses with growth.

The adop on of web technologies aligns with strategic business goals, enabling organiza ons to capitalize
on global markets, elevate customer experiences, and remain agile in a compe ve landscape. These key
drivers underscore the transforma ve impact of web technologies on modern business opera ons.

3.1.5 Key Business Drivers for Adop on of Web Technologies

Web technologies comprise a diverse spectrum of tools and frameworks, each playing a dis nct role in the
development and func onality of websites and web applica ons. Here's an overview of different types of
web technologies:

· Front-end Technologies: Responsible for the visual and interac ve aspects that users directly
interact with. Examples include HTML for structure, CSS for styling, and JavaScript for dynamic
behavior.
· Back-end Technologies: Handle server-side opera ons, database interac ons, and applica on
logic. Common back-end languages and frameworks include PHP, Python (Django), Ruby (Ruby on
Rails), and Java (Spring).
· Database Technologies: Manage data storage and retrieval. Op ons range from tradi onal
rela onal databases like MySQL and PostgreSQL to NoSQL databases like MongoDB and in-
memory databases like Redis.

Fig 3.1.7 SQL versus NoSQLaa

53
 Application Developer-Web & Mobile

· Web Development Frameworks: Provide pre-built templates, libraries, and tools to streamline
web development. Examples include React.js, Angular, Vue.js for front-end, and Express.js, Django
for back-end.
· Content Management Systems (CMS): Enable easy content crea on, modifica on, and
publica on. Popular CMS pla orms include WordPress, Joomla, and Drupal.

· Web Hos ng Services: Facilitate the deployment and accessibility of websites on the internet.
Pla orms like AWS, Azure, and tradi onal hos ng providers like Bluehost and SiteGround offer
hos ng solu ons.

· APIs (Applica on Programming Interfaces): Allow different so ware applica ons to

communicate and share data. RESTful APIs, GraphQL, and SOAP are common types used in web
development.

· Web Security Technologies: Ensure the security of web applica ons. Technologies such as HTTPS,
SSL/TLS protocols, and security frameworks like OAuth and OpenID Connect contribute to
securing data transmission and user authen ca on.
· Progressive Web Apps (PWAs): Combine features of web and mobile applica ons, providing a
seamless and responsive user experience. PWAs use technologies like service workers and
manifest files for offline capabili es and app-like func onali es.
· WebAssembly (Wasm): A binary instruc on format enabling high-performance code execu on in
web browsers. It allows developers to use languages like C, C++, and Rust to build applica ons
running at near-na ve speed in the browser.
From front-end interfaces to back-end opera ons, databases, and security measures, these technologies
form a comprehensive ecosystem, enabling the crea on of dynamic and interac ve online experiences.

3.1.6 Web Technologies Across Industries: Use Cases and

Applica ons
Web technologies have become integral across diverse industries, transforming processes, enhancing
customer experiences, and enabling innova on.
Here's an analysis of their use cases and applica ons across various sectors:
E-Commerce:

· Use Case: Web technologies power online shopping pla orms, providing secure transac ons,
personalized recommenda ons, and seamless naviga on.
· Applica on: E-commerce websites and applica ons like Amazon, Shopify, and eBay leverage web
technologies for user-friendly interfaces and efficient online transac ons.

54
Par cipant Handbook

Fig 3.1.8 Web technologies

Healthcare:

· Use Case: Web technologies facilitate telemedicine, appointment scheduling, and pa ent data
management.
· Applica on: Pla orms such as Doxy.me and Zocdoc u lize web technologies to connect
healthcare providers with pa ents remotely, improving accessibility and healthcare delivery.

Fig 3.1.9 IoT in healthcare

55
 Application Developer-Web & Mobile

Finance:
· Use Case: Web technologies enable online banking, secure transac ons, and real- me financial
data analysis.
· Applica on: Banking websites, investment pla orms like E*TRADE, and financial analy cs tools
leverage web technologies for seamless financial services.
Educa on:
· Use Case: Web technologies support online learning, e-learning pla orms, and collabora ve
educa onal tools.
· Applica on: Pla orms like Moodle, Coursera, and Google Classroom u lize web technologies to
provide interac ve learning materials, assessments, and virtual classrooms.
Manufacturing:
· Use Case: Web technologies enhance supply chain management, produc on monitoring, and
quality control.
· Applica on: Manufacturing companies implement web-based systems for inventory
management, produc on planning, and real- me monitoring, improving efficiency.
Travel and Hospitality:
· Use Case: Web technologies facilitate online booking, reserva on systems, and travel
informa on.
· Applica on: Travel agencies, hotel chains, and pla orms like Expedia use web technologies to
provide easy booking, travel i neraries, and real- me updates to travelers.
Government Services:
· Use Case: Web technologies enhance ci zen services, e-government portals, and informa on
dissemina on.
· Applica on: Government websites, such as official portals and online service pla orms, use web
technologies to streamline ci zen interac ons, access to informa on, and service delivery.

Fig 3.1.10 Web technologies in Government services

55
Par cipant Handbook

Entertainment and Media:

· Use Case: Web technologies enable content streaming, social media pla orms, and interac ve
experiences.
· Applica on: Streaming services like Ne lix, social media pla orms such as Facebook and
Instagram, and interac ve media websites use web technologies for content delivery and user
engagement.

Real Estate:
· Use Case: Web technologies facilitate property lis ngs, virtual tours, and online property
management.

· Applica on: Real estate websites like Zillow, property management pla orms, and virtual tour
services use web technologies to showcase proper es and streamline real estate transac ons.
Automo ve:

· Use Case: Web technologies support online car sales, vehicle tracking, and maintenance
scheduling.
· Applica on: Automo ve companies leverage web technologies for e-commerce pla orms,
connected car services, and customer support, enhancing the overall customer experience.

In conclusion, web technologies play a pivotal role across industries, offering versa le solu ons that cater
to specific needs, improve opera onal efficiency, and enhance customer interac ons. The applica ons
men oned showcase the adaptability and impact of web technologies in transforming diverse sectors.

57
 Application Developer-Web & Mobile

Exercise
Answer the following ques ons:

Short Ques ons:

1. What is the primary dis nc on between the terms "Internet" and "Web technology"?
2. Name one key component of the Internet infrastructure.

3. How does the evolving informa on technology landscape impact the importance of Web
technologies?
4. Iden fy a major business driver for the adop on of web technologies.

5. Provide an example of a use case where web technologies are crucial in the healthcare industry.

Fill-in-the-Blanks:
1. The ________________ is a global network of interconnected computers, while
________________ refers to the tools and protocols enabling the use of this network.
a) Internet, Web technology
b) Web technology, Internet
2. The Internet comprises various components such as ________________, ________________,
and ________________.
a) Servers, Routers, Databases
b) Websites, Data centers, End-user devices
3. The importance of Web technologies is heightened due to the dynamic nature of the _____.
a) Internet
b) Informa on technology landscape
4. Cross-pla orm compa bility is a significant business driver for the adop on of web technologies,
ensuring consistent user experiences across ________________.
a) Different web browsers and devices
b) Social media pla orms
5. Content Management Systems (CMS) are commonly used in the ________________ industry to
facilitate easy content crea on and modifica on.
a) Healthcare
b) Educa on
True/False Ques ons:
1. The Internet and Web technology are terms that can be used interchangeably.
2. Servers, routers, and databases are examples of components of the Internet infrastructure.
3. The evolving informa on technology landscape has a diminishing impact on the importance of
Web technologies.
4. Cost-effec veness and scalability are not considered key business drivers for the adop on of web
technologies.
5. Content Management Systems (CMS) are primarily used in the automo ve industry for website
development.

58
Par cipant Handbook

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/NGAIdmMaHcQ
Introduc on to Web Technologies

59
 Application Developer-Web & Mobile

60
4. Mobile Development
– An Introduction

Unit 4.1 - Understanding Mobile Technology

Bridge Module
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:

1. Define “Mobile technology” and its different components

2. Discuss the commonly used Mobile development pla orms (such as iOS, Android etc.)

3. Discuss the evolving informa on technology landscape and the importance and relevance of
Mobile technologies

4. State the key business drivers for adop on of Mobile technologies

5. Analyze different use cases and applica ons of Mobile technologies and their applica ons across
industries

62
 Application Developer-Web & Mobile

UNIT 4.1: Understanding Mobile Technology

Unit Objectives
At the end of this unit, you will be able to:
1. Define “Mobile technology” and its different components

2. Discuss the commonly used Mobile development pla orms (such as iOS, Android etc.)

3. Discuss the evolving informa on technology landscape and the importance and relevance of Mobile
technologies

4. State the key business drivers for adop on of Mobile technologies

5. Analyze different use cases and applica ons of Mobile technologies and their applica ons across
industries

4.1.1 Mobile Technology Components

Mobile technology is a mul faceted field encompassing the development, implementa on, and
u liza on of technologies that enable communica on and the execu on of various tasks through
portable electronic devices.

Fig 3.1.1 Internet and web technology

63
Par cipant Handbook

At its core, mobile technology revolves around the idea of providing users with access to informa on,
services, and communica on capabili es without being tethered to a fixed loca on.
Key aspects include:

· Portability: Devices provide compu ng power anywhere, transforming communica on and work
dynamics.
· Wireless Connec vity: U lizes cellular networks, Wi-Fi, and Bluetooth for seamless data transfer.
· Versa lity: Mobile devices serve diverse needs, hos ng applica ons for produc vity,
entertainment, naviga on, and health.
· Applica ons: Extensive app ecosystems, like App Store and Google Play, contribute to a rich user
experience.

· Hardware Innova on: Ongoing advancements enhance performance, imaging, and overall user
sa sfac on.
· Opera ng Systems: iOS, Android, and others manage hardware, provide a user interface, and
support applica ons.

· Global Impact: Mobile tech transcends borders, impac ng healthcare, educa on, finance, and
commerce globally.
To comprehend mobile technology, it's crucial to iden fy its key components, encompassing hardware,
opera ng systems, and communica on protocols.

· Hardware: Physical components cons tu ng a mobile device.

Examples: Processors (CPU), memory (RAM), storage, display screen, camera, sensors
(accelerometer, gyroscope), ba ery, and connec vity components (Wi-Fi, Bluetooth).

· Opera ng Systems (OS): So ware managing and controlling mobile device hardware.

Examples: iOS (Apple), Android (Google), HarmonyOS (Huawei), providing a user interface,
applica on management, and device interac on.

Fig. 4.1.2 Opera ng systems

64
 Application Developer-Web & Mobile

· Communica on Protocols: Rules governing data exchange between devices in a network.

Fig. 4.1.3 Communica on protocols

Examples:

· Wi-Fi: High-speed wireless internet access.

· Bluetooth: Short-range wireless communica on.

· Cellular Networks (3G, 4G, 5G): Long-distance voice and data communica on.
· NFC (Near Field Communica on): Short-range communica on for tasks like mobile payments.
· GPS (Global Posi oning System): Loca on determina on.
Understanding these components is founda onal for anyone involved in mobile technology, ensuring a
grasp of the interconnected elements shaping the func onality and connec vity of mobile devices.

4.1.2 Commonly Used Mobile Development Pla orms

Overview
Mobile Development Pla orms (MDPs) refer to the comprehensive environments, frameworks, and tools
used by developers to create applica ons specifically designed for mobile devices such as smartphones
and tablets.

These pla orms provide the necessary resources and structures for coding, tes ng, and deploying mobile
applica ons across different opera ng systems, ensuring compa bility and op mal performance.

65
Par cipant Handbook

Fig. 4.1.4 Mobile development pla orms

Mobile development pla orms play a pivotal role in crea ng applica ons for smartphones and tablets.
Two major pla orms, iOS and Android, dominate the market, each with dis nct characteris cs:
· iOS (Apple):

o Environment: Proprietary pla orm exclusive to Apple devices (iPhone, iPad).

o Programming Language: Primarily uses Swi , with Objec ve-C legacy support.
o App Distribu on: Through the Apple App Store.
o Development Tools: Xcode is the official integrated development environment (IDE).

o User Base: Known for a lucra ve user base with high app mone za on.
· Android (Google):
o Environment: Open-source pla orm used by a variety of manufacturers.

o Programming Language: Primarily uses Java and Kotlin.

o App Distribu on: Through Google Play Store.
o Development Tools: Android Studio is the official IDE.

o User Base: Encompasses a wide range of devices, offering extensive market reach.

· Cross-Pla orm Frameworks:

o Purpose: Facilitate app development for mul ple pla orms with shared code.

o Examples: React Na ve, Flu er, Xamarin.

o Advantages: Time and resource efficiency, enabling developers to write code once and

66
 Application Developer-Web & Mobile

deploy on both iOS and Android.

· Progressive Web Apps (PWAs):

o Purpose: Combines web and app features for an enhanced user experience.
o Development: U lizes web technologies (HTML, CSS, JavaScript).

o Advantages: Accessible through browsers, reducing the need for separate app
development.
Choosing a development pla orm depends on factors like target audience, development resources, and
specific app requirements. Developers o en consider both iOS and Android or leverage cross-pla orm
solu ons for broader market coverage.

4.1.3 Evolving IT Landscape and the Significance of Mobile

Technologies
The informa on technology landscape is con nuously evolving, shaped by technological advancements
and changing user behaviors. Mobile technologies play a pivotal role in this dynamic environment,
offering transforma ve impacts across various domains:
Ubiquitous Connec vity:

· Evolu on: The rise of 5G technology enhances network speed and connec vity, ensuring faster
data transfer and improved mobile experiences.
· Importance: Mobile devices become primary tools for real- me communica on, data access, and
collabora ve work, fostering a connected global ecosystem.

Internet of Things (IoT) Integra on:

· Evolu on: The prolifera on of IoT devices contributes to a network of interconnected smart
devices.

· Importance: Mobile devices act as central hubs, facilita ng communica on and control over IoT
devices, crea ng smart homes, ci es, and industries.
Augmented and Virtual Reality (AR/VR):

· Evolu on: Advancements in AR/VR technologies redefine user interac ons and experiences.

· Importance: Mobile devices serve as pla orms for AR/VR applica ons, influencing gaming,
educa on, healthcare, and immersive storytelling.

Ar ficial Intelligence (AI) Integra on:

· Evolu on: AI capabili es, including machine learning and natural language processing, evolve
rapidly.
· Importance: Mobile technologies integrate AI, enhancing personaliza on, virtual assistants, and
predic ve analy cs in applica ons and services.

67
Par cipant Handbook

Fig. 4.1.5 IT landscape in mobile

Mobile-First Approach in
· Business:

o Evolu on: Businesses increasingly adopt a mobile-first strategy for customer engagement
and service delivery.
o Importance: Mobile technologies enable seamless interac ons, mobile banking, e-
commerce, and on-the-go access to services, transforming business models.

· Cloud Compu ng Integra on:

o Evolu on: Cloud compu ng advancements support scalable and flexible solu ons.
o Importance: Mobile technologies leverage cloud services, enabling storage, computa on,
and collabora on, reducing device dependency and enhancing accessibility.

· Security Challenges and Solu ons:

o Evolu on: With increased connec vity, cybersecurity challenges evolve, necessita ng
robust solu ons.

o Importance: Mobile technologies focus on enhancing security measures, including

biometrics, encrypted communica ons, and secure app development prac ces.

68
 Application Developer-Web & Mobile

· Remote Work and Collabora on:

o Evolu on: The shi towards remote work accelerates, demanding effec ve collabora on
tools.

o Importance: Mobile technologies facilitate remote work through collabora on apps, video
conferencing, and cloud-based produc vity tools, reshaping work dynamics.
Mobile technologies are integral in naviga ng the evolving IT landscape, driving innova on, connec vity,
and user experiences. As technological trends con nue to shape the future, the importance of mobile
technologies is poised to grow, influencing diverse sectors and redefining the way individuals and
businesses interact with informa on and services.

4.1.4 Key Business Drivers for Adop on of Mobile

Technologies
The adop on of mobile technologies is not only a response to current market trends but also a strategic
move for businesses to stay compe ve, agile, and responsive to evolving consumer preferences and
behaviors:

Business Drivers for Adop on of

Impact on Businesses
Mobile Technologies

Market Reach and Accessibility Expansion into new markets and demographics.

Increased brand visibility and customer accessibility.

User Engagement and Experience Enhanced user sa sfac on and loyalty.

Posi ve reviews and recommenda ons.

Compe ve Advantage Outpacing compe tors in innova on and technology

adop on.

A rac on of customers through leading-edge

solu ons.

E-commerce and M-commerce

Opportuni es Seamless online shopping experiences.

Expansion of digital storefronts and increased sales.

Data-Driven Decision Making Informed decision-making based on user insights.

Effec ve marke ng, product development, and

resource alloca on.

69
Par cipant Handbook

Efficiency and Produc vity Streamlined internal processes and workflows.

Improved overall produc vity and reduced opera onal

costs.

Customer Rela onship Management

Personalized and mely customer interac ons.
(CRM)

Stronger customer rela onships and posi ve brand

percep on.

Innova ve Revenue Models Explora on of new income sources and business

models.

Diversifica on of revenue streams.

Employee Mobility and Flexibility Support for remote work and a flexible workforce.

A rac on of top talent and improved employee

sa sfac on.

Brand Loyalty and Recogni on Building stronger connec ons with customers.

Development of brand loyalty and posi ve word-of-

mouth marke ng.

Fig. 4.1.6 Adop on of mobile technologies

These business drivers showcase the diverse ways in which the adop on of mobile technologies posi vely
impacts businesses across various aspects.

70
 Application Developer-Web & Mobile

4.1.5 Analysis of Mobile Technologies Use Cases Across

Industries
The diverse applica ons of mobile technologies across industries demonstrate their transforma ve
impact on processes, customer experiences, and overall opera onal efficiency. The use cases range from
enhancing healthcare delivery to revolu onizing educa onal methods and streamlining logis cs and
transporta on. Mobile technologies have become integral across sectors, contribu ng to innova on and
improved services.

Fig. 4.1.7 Analysis of mobile technologies

· Healthcare:

o Mobile health apps for pa ent monitoring and telemedicine.

o Electronic health records (EHR) accessible through mobile devices.

o Medica on adherence apps and reminders.

o Wearable devices for health tracking.

o Emergency response and telehealth services via mobile pla orms.
· Finance:

o Mobile banking applica ons for transac ons and account management.
o Mobile payment solu ons and digital wallets.
o Personal finance and investment management apps.

o Fraud detec on and security through mobile authen ca on.

o Real- me stock market monitoring and trading apps.
· Retail and E-commerce:

o Mobile shopping apps with personalized recommenda ons.

71
Par cipant Handbook

o ·Augmented reality for virtual try-ons and product visualiza on.

o ·Mobile payment op ons and in-app purchases.

o ·Loca on-based marke ng and personalized offers through mobile.

o ·Inventory management and order tracking using mobile devices.

· Educa on:
o Mobile learning apps and e-books for educa onal content delivery.

o Interac ve educa onal games and quizzes on mobile pla orms.

o Virtual classrooms and online courses accessible via mobile devices.
o Educa onal apps for skill development and language learning.

o Mobile-based student engagement and communica on tools.

· Manufacturing:
o Mobile-enabled asset tracking and management.

o Remote monitoring of manufacturing processes using mobile devices.

o Maintenance and equipment diagnos cs through mobile apps.

o Mobile inventory management and supply chain op miza on.

o Augmented reality (AR) for training and assembly line guidance.

· Hospitality and Tourism:

o Mobile hotel booking apps and reserva on systems.

o Travel planning and naviga on using mobile maps and guides.

o Mobile check-in and digital room keys for hotels.
o Augmented reality for loca on-based informa on and historical tours.

o Mobile-based language transla on for tourists.

· Transporta on and Logis cs:

o Mobile ride-sharing and taxi-hailing apps.
o Package tracking and delivery management through mobile devices.

o Fleet management solu ons with mobile monitoring.

o Mobile cke ng and contactless payment for public transporta on.
o Naviga on and route op miza on using mobile GPS.

The applica ons of mobile technologies across industries showcase their versa lity and transforma ve
impact on various aspects of business opera ons and customer experiences.

72
 Application Developer-Web & Mobile

Fig. 4.1.8 Mobile technologies applica ons

73
Par cipant Handbook

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the primary objec ve of mobile technology?
2. Name one commonly used mobile development pla orm besides iOS and Android.
3. How does mobile technology contribute to the evolving IT landscape?
4. Iden fy one key business driver for the adop on of mobile technologies.
5. Can you provide an example of a use case for mobile technology in healthcare?
Fill-in-the-Blanks:
1. Mobile technology comprises __________ and __________ components.
a) So ware, hardware
b) Web, cloud
2. The commonly used mobile development pla orms include iOS, Android, and __________.
a) Windows
b) HarmonyOS
3. In the evolving informa on technology landscape, mobile technologies play a crucial role in
fostering __________ and __________.
a) Connec vity, accessibility
b) Security, efficiency
4. iv. One key business driver for the adop on of mobile technologies is gaining a __________
advantage.
a) Financial
b) Compe ve
5. v. Mobile technology use cases in the hospitality industry include mobile hotel booking apps
and digital room keys for seamless __________.
a) Check-out
b) Check-in
True/False Ques ons:
1. Mobile technology solely encompasses hardware components. (False)
2. Windows is a commonly used mobile development pla orm. (False)
3. Mobile technologies have no impact on the evolving informa on technology landscape. (False)
4. Cost reduc on is not a key business driver for the adop on of mobile technologies. (False)
5. Use cases for mobile technology in healthcare may include pa ent monitoring and
telemedicine. (True)

74
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/C7URTDR5HJY
Mobile Technologies

75
Par cipant Handbook

76
5. Global Standards
and Regulations

Unit 5.1 - Data Management Standards and Compliance

Bridge Module
 Application Developer-Web & Mobile

Key Learning Outcomes

At the end of this module, you will be able to:

1. Iden fy general principles and basic concepts of data management standards across
2. Iden fy the key actors under the regula ons and understand their roles
3. Evaluate the rights of data owners
4. Evaluate various enforcement and compliance mechanisms
5. Demonstrate ac ons in accordance with enforcement and compliance obliga ons

78
Par cipant Handbook

UNIT 5.1: Data Management Standards and Compliance

Unit Objectives
At the end of this unit, you will be able to:
1. Iden fy general principles and basic concepts of data management standards across

2. Iden fy the key actors under the regula ons and understand their roles

3. Evaluate the rights of data owners

4. Evaluate various enforcement and compliance mechanisms

5. Demonstrate ac ons in accordance with enforcement and compliance obliga ons

5.1.1 Principles and Basic Concepts of Data Management

Standards
Data management standards are crucial for ensuring the responsible handling, storage, and u liza on of
informa on.

Fig. 5.1.1 Data management standards

Here are general principles and basic concepts underlying data management standards across various
industries:

79
 Application Developer-Web & Mobile

· Data Integrity:
o Principle: Ensuring accuracy and consistency of data throughout its lifecycle.

o Concept: Implemen ng measures to prevent errors, corrup on, or unauthorized

altera ons in data.
· Confiden ality:

o Principle: Safeguarding sensi ve informa on from unauthorized access.

o Concept: Employing encryp on, access controls, and secure transmission methods to
protect confiden al data.
· Availability:

o Principle: Ensuring that data is accessible when needed.Concept: Implemen ng redundant

systems, backups, and disaster recovery plans to maintain data availability.
· Compliance with Regula ons:

o Principle: Adhering to relevant laws and industry-specific regula ons.

o Concept: Staying informed about data protec on laws (e.g., GDPR, HIPAA) and aligning
prac ces accordingly.

· Data Lifecycle Management:

o Principle: Managing data from crea on to dele on in a structured manner.

o Concept: Defining stages such as crea on, storage, archival, and disposal, and applying
appropriate controls at each stage.

· Data Governance:
o Principle: Establishing policies, roles, and responsibili es for effec ve data management.
o Concept: Implemen ng frameworks that define who can access, modify, and use data
within an organiza on.

Fig. 5.1.2 Data governance

80
Par cipant Handbook

· Data Quality:
o Principle: Ensuring the accuracy, completeness, and reliability of data.

o Concept: Employing valida on checks, data profiling, and cleansing processes to maintain
high data quality.
· Transparency:

o Principle: Providing clear and understandable informa on about data prac ces.

o Concept: Communica ng data management policies, prac ces, and privacy no ces to
stakeholders.
· Ethical Use of Data:

o Principle: Upholding ethical standards in data collec on, processing, and u liza on.
o Concept: Considering the ethical implica ons of data usage and ensuring alignment with
organiza onal values.

· Risk Management:

o Principle: Iden fying and mi ga ng poten al risks associated with data handling.
o Concept: Conduc ng risk assessments, implemen ng security measures, and having
con ngency plans in place.

Understanding and applying these principles and concepts is essen al for organiza ons to establish
robust data management standards that promote integrity, security, and compliance across diverse
industries

5.1.2 Key Actors and their Roles under Data Management

Regula o
Understanding the roles of these key actors is crucial for ensuring compliance with data management
regula ons.

Actor Role

Data
Role: Holds primary responsibility for the data.
Owner

Responsibili es: Determines how data is collected, processed, and used.

Ensures: Compliance with regula ons and protec on of data rights.

Data
Role: Determines the purposes and means of processing personal data.
Controller

Responsibili es: Implements data protec on policies and ensures compliance.

81
 Application Developer-Web & Mobile

- Acts as: Point of contact for data subjects and supervisory authori es.

Data
Processor - Role: Processes data on behalf of the data controller.

- Responsibili es: Follows instruc ons from the data controller and ensures
data security.

- May engage: Sub-processors, subject to the data controller's consent.

Data
Subject - Role: Individual to whom the data belongs.

- Rights: Right to access, correct, and request dele on of their data.

- Can: Consent or withdraw consent for data processing.

Regulatory
Authori es - Role: Oversight and enforcement of data protec on regula ons.

- Responsibili es: Inves gate non-compliance, impose fines, and provide

guidance on regula ons.

- Examples: GDPR's supervisory authori es, such as the Informa on

Commissioner's Office (ICO).

Data
Protec on
Officer - Role: Ensures an organiza on's compliance with data protec on laws.
(DPO)

- Responsibili es: Advises on data protec on impact assessments, monitors

compliance, and serves as a point of contact for regulatory authori es.

- Mandatory: For organiza ons processing sensi ve data on a large scale or

engaging in systema c monitoring.

82
Par cipant Handbook

Fig. 5.1.3 Data management related officers – A sample

The collabora on and responsibili es of data owners, controllers, processors, subjects, regulatory
authori es, and Data Protec on Officers collec vely contribute to maintaining data integrity and
protec ng individual privacy.

5.1.3 Evalua on of Rights of Data Owners

Data owners, individuals to whom the data pertains, possess specific rights to ensure the fair and lawful
processing of their informa on.

Fig. 5.1.4 Data owners

Here's an evalua on of the rights of data owners:

83
 Application Developer-Web & Mobile

Rights of Data Owners Evalua on

Evalua on: Data owners have the right to obtain confirma on of

1. Right to Access whether their data is being processed and access the informa on
held about them.

Importance: Empowers individuals to be aware of and verify the

lawfulness of data processing ac vi es.

Evalua on: Data owners can request the correc on of inaccurate

2. Right to Rec fica on
or incomplete personal data.

Importance: Ensures the accuracy of the data and reflects the

principle of data integrity.

3. Right to Erasure (Right Evalua on: Data owners can request the dele on of their personal
to be Forgo en) data under specific circumstances.

Importance: Enables individuals to have their data removed when

it is no longer necessary or lawfully processed.

4. Right to Restric on of Evalua on: Data owners can limit the processing of their data
Processing under certain condi ons.

Importance: Offers individuals control over the processing of their

data while resolving disputes or concerns.

5. Right to Data Evalua on: Data owners can receive their personal data in a
Portability structured, commonly used, and machine-readable format.

Importance: Facilitates the transfer of personal data between

service providers, promo ng user control.

Evalua on: Data owners can object to the processing of their data
6. Right to Object
for specific reasons, including direct marke ng.

Importance: Safeguards individual interests and privacy

preferences.

7. Right to Automated Evalua on: Data owners have the right not to be subjected to
Decision-Making and decisions based solely on automated processing, including
Profiling profiling.

84
Par cipant Handbook

Importance: Protects individuals from poten ally biased or

discriminatory automated decisions.

8. Right to Informa on Evalua on: Data owners have the right to be informed about the
about Processing collec on and processing of their data.

Importance: Enhances transparency and allows individuals to make

informed decisions about data sharing.

9. Right to Lodge a Evalua on: Data owners can file complaints with a supervisory
Complaint authority if they believe their rights have been violated.

Importance: Provides a mechanism for individuals to seek redress in

case of data protec on viola ons.

Fig. 5.1.5 Data process

Understanding and upholding these rights is crucial for organiza ons to demonstrate a commitment to
data privacy and compliance with data protec on regula ons. It also fosters trust between businesses
and individuals whose data they process.

85
 Application Developer-Web & Mobile

5.1.4 Evalua on of Various Enforcement and Compliance

Mechanisms
Enforcement and compliance mechanisms play a cri cal role in ensuring that organiza ons adhere to data
management standards and regula ons.

Fig. 5.1.4 Data owners

Here's an evalua on of various mechanisms employed to enforce and ensure compliance:

· Legal and Regulatory Frameworks:
o Evalua on: Comprehensive legal frameworks (e.g., GDPR, HIPAA) set the founda on for
data protec on, defining obliga ons, and specifying penal es for non-compliance.
o Effec veness: High; legal consequences serve as a strong deterrent.
· Data Protec on Officers (DPOs):

o Evalua on: Appoin ng DPOs is a proac ve measure, enhancing internal accountability for
data protec on.
o Effec veness: Moderate to High; DPOs facilitate compliance through advice, monitoring,
and serving as a point of contact.

· Audits and Assessments:

o Evalua on: Regular audits and assessments iden fy gaps in compliance and ensure
ongoing adherence to standards.

o Effec veness: High; proac ve iden fica on and correc on of compliance issues.
· Training and Awareness Programs:
o Evalua on: Educa onal ini a ves enhance awareness among employees regarding data

86
Par cipant Handbook

protec on policies and prac ces.

o Effec veness: Moderate; contributes to a culture of compliance but may require
reinforcement.

· Incident Response Plans:

o Evalua on: Having robust incident response plans addresses data breaches promptly,
minimizing poten al damages.

o Effec veness: High; quick response mi gates the impact of data breaches.
· Consent Management Systems:

o Evalua on: Implemen ng robust systems for obtaining and managing consent ensures
lawful data processing.
o Effec veness: High; clear and documented consent is crucial for compliance.Technological
Safeguards:

o Evalua on: Implemen ng encryp on, access controls, and other cybersecurity measures
safeguards data integrity.
o Effec veness: High; cri cal for protec ng data from unauthorized access.

· Penal es and Fines:

o Evalua on: Imposing financial penal es for non-compliance serves as a significant

deterrent.
o Effec veness: High; substan al fines incen vize organiza ons to priori ze compliance.

· Interna onal Data Transfer Mechanisms:

o Evalua on: Adhering to approved mechanisms for cross-border data transfers ensures
compliance with global standards.

o Effec veness: High; essen al for organiza ons opera ng in mul ple jurisdic ons.

· Whistleblower Mechanisms:
o Evalua on: Providing avenues for repor ng viola ons encourages internal repor ng of
non-compliance.

o Effec veness: Moderate; supports internal monitoring but may not capture all issues.
· Industry Standards and Cer fica ons:
o Evalua on: Adhering to industry-specific standards and cer fica ons demonstrates a
commitment to best prac ces.
o Effec veness: Moderate to High; varies based on the industry and cer fica on
requirements.

The effec veness of these mechanisms depends on the organiza on's commitment, the nature of the
industry, and the regulatory landscape. A comprehensive approach that combines legal frameworks,
technology, and organiza onal culture is crucial for successful enforcement and compliance.

87
 Application Developer-Web & Mobile

5.1.5 Demonstra ng Ac ons in Accordance with Enforcement

and Compliance Obliga ons
Ensuring compliance with data management standards and regula ons involves taking proac ve and
ongoing ac ons.

Fig. 5.1.7 Data management standards and regula ons

Here's a demonstra on of ac ons organiza ons can undertake in accordance with enforcement and
compliance obliga ons:

· Establishing Clear Policies:

o Ac on: Develop and communicate comprehensive data management policies that align
with relevant regula ons.

o Ra onale: Clarity in policies sets the founda on for consistent and compliant prac ces.
· Appointment of Data Protec on Officer (DPO):
o Ac on: Designate a qualified DPO responsible for overseeing compliance efforts.

o Ra onale: DPOs play a crucial role in advising, monitoring, and ensuring alignment with
data protec on regula ons.
· Regular Employee Training:

o Ac on: Conduct regular training sessions to educate employees on data protec on policies
and their responsibili es.
o Ra onale: Well-informed employees are essen al for maintaining a culture of compliance.

· Implementa on of Consent Management Systems:

o Ac on: Deploy robust systems for obtaining, managing, and documen ng user consent for
data processing.
o Ra onale: Clear and documented consent is a fundamental aspect of compliance.

· Conduc ng Regular Audits and Assessments:

o oAc on: Perform periodic internal audits and assessments to iden fy and address
compliance gaps.

88
Par cipant Handbook

o Ra onale: Proac ve iden fica on of issues facilitates con nuous improvement.

· Incident Response Planning and Execu on:

o Ac on: Develop and regularly update incident response plans to address data breaches
promptly.

o Ra onale: Quick and effec ve response minimizes poten al damages and demonstrates
commitment to compliance.
· Ensuring Technological Safeguards:

o Ac on: Implement encryp on, access controls, and cybersecurity measures to safeguard
data integrity.
o Ra onale: Technological safeguards are crucial for protec ng data from unauthorized
access.

· Compliance with Interna onal Data Transfer Mechanisms:

o Ac on: Adhere to approved mechanisms for cross-border data transfers, ensuring
compliance with global standards.

o Ra onale: Interna onal data transfers require adherence to specific regula ons and
frameworks.
· Monitoring and Adap ng to Regulatory Changes:
o Ac on: Stay informed about changes in data protec on laws and regula ons, and adapt
policies accordingly.
o Ra onale: Adap ng to evolving regulatory landscapes ensures ongoing compliance.
· Implemen ng Whistleblower Mechanisms:
o Ac on: Establish channels for repor ng viola ons, encouraging internal repor ng of non-
compliance.
o Ra onale: Internal repor ng mechanisms support con nuous monitoring and early
detec on.

· Seeking Industry Standards and Cer fica ons:

o Ac on: Pursue industry-specific standards and cer fica ons to demonstrate commitment
to best prac ces. Ra onale: Cer fica ons provide external valida on of adherence to
industry standards.

Demonstra ng these ac ons showcases a commitment to enforcement and compliance obliga ons,
fostering a secure and trustworthy environment for data management within the organiza on. Regular
assessments and adaptability to evolving regulatory requirements are key elements of a successful
compliance strategy.

89
 Application Developer-Web & Mobile

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the primary purpose of data management standards?
2. Why is it important for organiza ons to iden fy general principles of data management?
3. What is the purpose of evalua ng various enforcement mechanisms in data management?
4. How do audits contribute to ensuring compliance within an organiza on?
5. Why is it important to evaluate the rights of data owners in a compliance framework?
Fill-in-the-Blanks:
1. Data owners have the right to request the ________ of inaccurate or incomplete personal data.
a. Modifica on
b. Rec fica on
2. The key actors under data management regula ons include Data Owners, Data Controllers, Data
___________.
a. Processors
b. Analyzers
3. Regular training sessions ensure that employees are well-informed about data protec on policies
and their ___________.
a. Responsibili es
b. Privileges
4. Incident response plans are crucial for addressing data breaches ___________.
a. Promptly
b. Indefinitely
5. Legal and regulatory frameworks establish the founda on for data protec on by defining
obliga ons and specifying ________ for non-compliance.
a. Rewards
b. Penal es
True/False Ques ons:

1. The Right to Erasure allows data owners to request the dele on of their data under any
circumstances.
2. Data Protec on Officers (DPOs) are not mandatory for organiza ons processing sensi ve data.

3. Compliance with interna onal data transfer mechanisms is necessary only for domes c
organiza ons.
4. Whistleblower mechanisms encourage internal repor ng of compliance issues within an
organiza on.

5. Regular audits and assessments are reac ve measures and do not contribute to ongoing
compliance.

90
Par cipant Handbook

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/ZxinjLD4z4A
Compliance, Data Governance &
Protec on for SaaS Solu ons

91
 Application Developer-Web & Mobile

92
6. Development Tools
and Usage

Unit 6.1 - Applica on Development Tools and Prac ces

Bridge Module
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:
1. Examine good programming styles and documenta on habits

2. Use scrip ng languages to automate tasks and write simple programs

3. Use appropriate tools for building, debugging, tes ng, tuning, and maintaining programs

4. Configure opera ng system components

5. Iden fy so ware development needs and changes

6. Use various cloud compu ng pla orms and services

94
 Application Developer-Web & Mobile

UNIT 6.1: Applica on Development Tools and Prac ces

Unit Objectives
At the end of this unit, you will be able to:
1. Examine and apply good programming styles and documenta on habits.
2. Use scrip ng languages to automate tasks and develop simple programs.

3. U lize appropriate tools for building, debugging, tes ng, tuning, and maintaining programs.

4. Configure opera ng system components for op mal performance.

5. Iden fy and manage so ware development needs and changes.

6. Employ various cloud compu ng pla orms and services in the development process.

6.1.1 Good Programming Styles and Documentation Habits

Effec ve programming styles and documenta on prac ces are integral components of so ware
development that contribute to code clarity, maintainability, and collabora on. Adop ng these prac ces
helps create code that is not only func onal but also comprehensible and sustainable over me.

Fig. 6.1.1 Programming style

95
Par cipant Handbook

Here are key aspects of good programming styles and documenta on habits:

· Consistent Coding Styles:

Coding style refers to the conven ons and forma ng rules followed during code development.
Importance: Consistency in coding styles enhances readability, reduces confusion, and
establishes a unified approach within a codebase.
Principles:

· Adopt a consistent indenta on style to visually structure the code.

· Follow a naming conven on that is descrip ve and adheres to language-specific norms.
· Maintain a uniform code layout for improved aesthe cs and ease of understanding.

· Meaningful Comments:
Comments are annota ons within the code that provide addi onal informa on for developers.
Importance: Well-placed comments offer insights into code logic, making it easier for developers
to understand, modify, and maintain.

Best Prac ces:

· Use comments sparingly, focusing on complex or non-intui ve sec ons.
· Ensure comments stay updated with code changes to prevent misinforma on.

· Priori ze clear and concise comments that add value to the understanding of the code.

· Comprehensive Documenta on:

Documenta on encompasses external guides, README files, and inline explana ons that
describe the code's purpose, usage, and architecture.

Importance: Documenta on serves as a roadmap for developers, enabling them to navigate

through the codebase and understand its func onality without delving into the implementa on
details.

Essen al Components:
· README files offering an overview, installa on instruc ons, and usage guidelines.

· Inline documenta on within code files providing insights into func on behaviors and
parameters.

· Modulariza on and Structured Code:

Modulariza on involves breaking down the code into smaller, manageable components with
specific func onali es.
Importance: Modular code enhances maintainability, promotes code reuse, and facilitates
collabora on among developers working on different parts of the project.

96
 Application Developer-Web & Mobile

Guidelines:

· Break down complex tasks into modular func ons or classes.

· Organize code logically to create a cohesive and structured codebase.

· Version Control and Collabora on:
Version control systems, such as Git, enable tracking changes and facilitate collabora on among
developers.

Importance: Version control ensures a systema c approach to code changes, provides a history of
modifica ons, and enables mul ple developers to work on the same project concurrently.
Best Prac ces:
· Commit frequently with meaningful messages to track the evolu on of the codebase.

· U lize branches for feature development and bug fixes, merging changes systema cally.
· Con nuous Learning and Adapta on:
Keeping abreast of coding standards, best prac ces, and industry trends to enhance coding skills.

Importance: Con nuous learning fosters an adap ve mindset, allowing developers to

incorporate new prac ces and technologies for improved code quality.
Strategies:
· Engage with the developer community through forums, blogs, and conferences.

· Experiment with new coding styles and techniques in personal projects to broaden skill
sets.

· Teamwide Coding Standards:

Establishing and adhering to coding conven ons within a development team.

Importance: Teamwide coding standards create a cohesive and unified approach to code
development, fostering consistency and easing collabora on.

Implementa on:
· Collaborate to define and document coding conven ons that align with project
requirements.

· Conduct regular code reviews to ensure adherence to established standards.

· Documenta on for External Use:

External documenta on, including README files, provides informa on for users and developers
interac ng with the project.
Importance: Well-cra ed external documenta on simplifies project onboarding, usage, and
contribu on for external stakeholders.

97
Par cipant Handbook

Components:

· Clear project descrip on, purpose, and goals in the README file.

· Installa on instruc ons, dependencies, and usage examples for users and contributors.
Adop ng and consistently applying these theore cal aspects of good programming styles and
documenta on habits contributes to the crea on of robust, understandable, and collabora ve so ware
projects.

6.1.2 Using Scripting Languages for Automation and Simple

Programs
Scrip ng languages play a crucial role in automa ng tasks and simplifying program development, offering
a flexible and efficient approach to handling various compu ng challenges.

Fig. 6.1.2 Test scripts

Here is the significance and principles involved in using scrip ng languages for automa on and program
development:

Scrip ng Languages:

Automa on of Repe ve Tasks:

· Purpose: Scrip ng languages excel in automa ng repe ve and me-consuming tasks, enhancing
efficiency and reducing manual errors.

· Applica ons:
o File and directory opera ons.
o Data processing and manipula on.

o System administra on and configura on.

98
 Application Developer-Web & Mobile

Task Automa on Principles:

· Scrip ng for Task Efficiency:
o Iden fy repe ve tasks prone to human error or me-consuming execu on.

o Develop scripts that automate these tasks, improving overall produc vity.

o Integrate automa on into daily workflows for enhanced efficiency.

· Scrip ng for Consistency:

o Ensure consistent execu on of tasks by automa ng through scripts.

o Eliminate varia ons introduced by manual execu on for increased reliability.

· Error Handling and Logging:

o Implement error-handling mechanisms within scripts to manage unexpected scenarios.

o Incorporate logging to record script ac vi es, aiding in debugging and analysis.

Developing Simple Programs:

· Scrip ng vs. Tradi onal Programming:

o Scripts are o en shorter, focused on specific tasks, and executed in interpreted

environments.
o Rapid development and prototyping are emphasized over compila on and execu on
speed.

· Principles of Simple Program Development:

o Break down complex tasks into smaller, manageable func ons.

o Leverage built-in libraries and modules for common func onali es.
o Priori ze readability and maintainability, even in smaller codebases.
· Use Cases for Simple Programs:

o Data processing and analysis scripts.

o System u li es and administra on tools.

o Automa on of rou ne tasks in so ware development workflows.
Benefits of Scrip ng for Automa on:

· Rapid Development:
o Scrip ng languages offer quick development cycles, facilita ng faster itera on.Ideal for
prototyping and experimen ng with algorithms or solu ons.

· Flexibility and Dynamism:

o Easily adaptable to changing requirements due to the interpreted nature of scripts.

99
Par cipant Handbook

o Dynamically typed, allowing for versa le data manipula on without explicit type
declara ons.
· Ease of Learning and Use:

o Lower entry barriers for beginners, enabling non-programmers to automate tasks.

o Intui ve syntax and straigh orward constructs enhance the learning curve.
Scrip ng Languages in Modern Context:

· Python, Bash, and PowerShell:

o Python: Widely adopted for automa on, web development, and data analysis.
o Bash: Powerful for system administra on and shell scrip ng on Unix-based systems.

o Power Shell: Windows-centric scrip ng language for automa on and administra on.Fig.

Fig. 6.1.3 Scrip ng languages

· Integra on with DevOps Prac ces:

o Scrip ng languages are integral to DevOps for con nuous integra on, deployment, and
configura on management.

o Infrastructure as Code (IaC) leverages scrip ng for automa ng infrastructure provisioning.

Best Prac ces for Scrip ng:
· Code Readability:

o Priori ze clear and readable code to enhance maintainability.

o Use meaningful variable names and comments for documenta on.
· Modulariza on:

o Break down scripts into modular func ons for reusability.

o Encapsulate func onality within func ons to improve code structure.

100
 Application Developer-Web & Mobile

· Version Control:
o Apply version control prac ces to scripts for tracking changes.

o Collaborate with team members using version control systems.

Challenges and Considera ons:

· Security Implica ons:

o Scripts may introduce security vulnerabili es if not properly validated and sani zed.

o Carefully review and validate inputs to prevent poten al security risks.

· Scalability:

o Evaluate the scalability of scripts for larger projects or complex workflows.

o Consider transi oning to compiled languages for resource-intensive tasks.

In conclusion, the use of scrip ng languages for task automa on and simple program development offers
a versa le and efficient approach in diverse compu ng contexts. By understanding the principles,
benefits, and best prac ces associated with scrip ng, developers can leverage these languages to
streamline workflows, enhance produc vity, and contribute to the automa on-driven landscape of
modern so ware development.

6.1.3 Leveraging Tools for Comprehensive Program

Development
Incorpora ng these tools into the development workflow enhances produc vity, reduces errors, and
contributes to the overall success of a so ware project.

Fig. 6.1.4 Tools for comprehensive program development

101
Par cipant Handbook

· Building Programs:

¨ Tools:

o IDEs (Integrated Development Environments): Such as Visual Studio, Eclipse, or

JetBrains IntelliJ, provide a unified environment for coding, debugging, and
building.

o Build Automa on Tools: Examples include Apache Maven, Gradle, or Make, which
automate the compila on and packaging processes.
¨ Purpose: These tools streamline the process of transforming source code into executable programs
or libraries, ensuring consistency and efficiency in the build pipeline.

· Debugging:

¨ Tools:
o Debuggers: Integrated into IDEs or standalone tools like GDB (GNU Debugger) for
C/C++ or pdb for Python.

o Code Analyzers: Tools like ESLint for JavaScript or Sonar Qube for various languages
help iden fy code quality issues.
¨ Purpose: Debugging tools assist developers in loca ng and fixing errors, improving code reliability
and maintainability.

· Tes ng:

¨ Tools:
o Tes ng Frameworks: JUnit for Java, pytest for Python, or Jasmine for JavaScript.

o Unit Tes ng Tools: Tools like Mockito for Java or uni est.mock for Python facilitate
unit tes ng.
¨ Purpose: Tes ng tools automate the process of verifying that individual units or components of the
code func on as expected, ensuring so ware reliability and preven ng regressions.

· Tuning Performance:

¨ Tools:
o Profiling Tools: Such as VisualVM, YourKit, or Xcode Instruments, help analyze
code execu on and iden fy performance bo lenecks.

o Performance Monitoring Tools: New Relic, App Dynamics, or Prometheus monitor

applica on performance in produc on environments.
¨ Purpose: These tools aid in iden fying areas of the code that may impact performance, allowing
developers to op mize and fine-tune for efficiency.

· Maintaining Programs:

102
 Application Developer-Web & Mobile

¨ Tools:
o Version Control Systems (VCS): Git, Mercurial, or SVN track changes in the
codebase.

o Documenta on Tools: Tools like Doxygen, Javadoc, or Sphinx assist in genera ng

code documenta on.
¨ Purpose: Version control systems enable collabora on by tracking changes, facilita ng team
coordina on. Documenta on tools ensure comprehensive and accessible informa on about the
codebase.

Developers should choose tools that align with the project's requirements and adhere to best prac ces in
order to op mize the development life cycle.

6.1.4 Configuring Operating System Components for Optimal

Performance
Configuring opera ng system components is a cri cal aspect of op mizing overall system performance.
This involves fine-tuning se ngs, managing resources, and op mizing configura ons.
Here's key principles involved in configuring opera ng system components for op mal performance:
· Resource Alloca on and Management:

¨ Principle: Opera ng systems manage hardware resources, such as CPU, memory, and disk, to ensure
efficient u liza on.
¨ Op miza on Techniques:

o U lize task manager or system monitor tools to monitor resource usage.

o Allocate resources based on the specific needs of applica ons or services.
· Power Management:

¨ Principle: Modern opera ng systems incorporate power management features to balance

performance and energy efficiency.

¨ Op miza on Techniques:
o Adjust power plans or profiles to balance performance and energy consump on.

o U lize advanced power management se ngs for specific hardware components.

· Virtual Memory Configura on:

¨ Principle: Virtual memory allows the OS to use a por on of the hard drive as addi onal RAM,
enhancing system performance.

103
Par cipant Handbook

¨ Op miza on Techniques:

o Adjust virtual memory se ngs based on available physical RAM and storage space.
o Ensure the paging file is appropriately sized for the system's requirements.
· Task Scheduling:

¨ Principle: Opera ng systems employ task scheduling algorithms to manage the execu on of
processes and threads.
¨ Op miza on Techniques:
o Adjust process priority levels to allocate resources efficiently.

o Use task scheduler tools to manage the execu on sequence of tasks.

· Disk Op miza on:

¨ Principle: Disk I/O can be a significant bo leneck for system performance.

¨ Op miza on Techniques:

o Defragment disks regularly to op mize file placement.

o Enable write caching and adjust disk se ngs for op mal performance.

· Network Configura on:

¨ Principle: Network se ngs impact communica on and data transfer speeds.

¨ Op miza on Techniques:
o Adjust network adapter se ngs for op mal speed and performance.

o Use Quality of Service (QoS) se ngs to priori ze network traffic.

Fig. 6.1.5 Components of opera ng system

104
 Application Developer-Web & Mobile

· Security Considera ons:

¨ Principle: Security measures can impact system performance.
¨ Op miza on Techniques:

o Configure security so ware to minimize impact on system resources.

o Regularly update and patch the opera ng system for security and performance
improvements.

· Monitoring and Analysis:

¨ Principle: Con nuous monitoring and analysis provide insights into system performance.
¨ Op miza on Techniques:

o U lize performance monitoring tools to iden fy performance bo lenecks.

o Analyze logs and reports to address poten al issues proac vely.

· Registry and System Se ngs:

¨ Principle: Opera ng systems store configura on se ngs in the registry or system files.

¨ Op miza on Techniques:
o Modify registry se ngs to fine-tune system behavior.

o Adjust system se ngs through control panel or system preferences.

· Hardware Integra on:

¨ Principle: Opera ng systems interact with hardware components, and their se ngs impact overall
performance.
¨ Op miza on Techniques:
o Install and update device drivers to ensure compa bility and performance.
o Configure BIOS/UEFI se ngs for op mal hardware u liza on.
· Regular Maintenance:

¨ Principle: System performance can degrade over me due to fragmenta on and clu er.
¨ Op miza on Techniques:
o Schedule regular maintenance tasks, such as disk cleanup and system checks.

o Clean up temporary files and unnecessary applica ons regularly.

Configuring opera ng system components for op mal performance requires a holis c approach,
considering various aspects of resource management, se ngs adjustment, and proac ve monitoring. By
applying these principles, administrators can create a stable and high-performing compu ng
environment.

105
Par cipant Handbook

6.1.5 Identifying and Managing Software Development Needs

and Changes
In the dynamic landscape of so ware development, the ability to iden fy and manage evolving needs and
changes is crucial for delivering successful and adap ve solu ons.

Fig. 6.1.6 So ware development life cycle

Fig. 6.1.7 Problems in so ware development process

Here's the key principles involved in iden fying and managing so ware development needs and changes:

106
 Application Developer-Web & Mobile

Principle Key Ac vi es

Requirements Elicita on:

Understanding and defining user Ÿ Engage stakeholders to gather and document

requirements lay the founda on for requirements.
so ware development. Ÿ U lize techniques such as interviews, surveys, and
workshops for comprehensive elicita on.

Requirements Analysis and Priori za on:

Ÿ Evaluate requirements for clarity, completeness,

Analyzing and priori zing requirements and feasibility.
ensure efficient resource alloca on. Ÿ Priori ze requirements based on business value
and cri cality.

Change Management Process:

Implemen ng a structured change Ÿ Establish a change control board to assess and

management process ensures controlled approve/reject proposed changes.
and effec ve handling of modifica ons. Ÿ Document and communicate changes to relevant
stakeholders.

Version Control and Source Code Management:

Maintaining version control enables Ÿ U lize version control systems (e.g., Git, SVN) to
tracking and managing changes to source track changes, branches, and releases.
code. Ÿ Establish branching strategies to manage parallel
development efforts.

Agile and Itera ve Development:

Agile methodologies embrace change, Ÿ Adopt Agile frameworks (Scrum, Kanban) for
promo ng itera ve development and adap ve development.
flexibility. Ÿ Conduct regular sprint reviews and retrospec ves
to incorporate feedback and adjust priori es.

Con nuous Integra on and Deployment:

Con nuous Integra on (CI) and Ÿ Implement CI/CD pipelines to automate tes ng,
Deployment (CD) streamline the integra on, and deployment.
integra on of changes and facilitate rapid Ÿ Enable frequent, small releases to address changes
deployment. incrementally.

107
Par cipant Handbook

Feedback Loops and Collabora on:

Establishing feedback loops encourages Ÿ Facilitate regular communica on between

collabora on and accelerates the development teams and stakeholders.
iden fica on of changing needs. Ÿ Encourage user feedback through prototypes,
demos, and itera ve showcases.

Risk Management:

Proac vely iden fying and managing risks Ÿ Conduct risk assessments to iden fy poten al
associated with changes minimizes impacts of changes.
disrup ons. Ÿ Develop mi ga on strategies and con ngency
plans.

Documenta on and Knowledge Sharing:

Documen ng changes and knowledge Ÿ Maintain comprehensive documenta on of

sharing foster a shared understanding requirements, changes, and design decisions.
among team members. Ÿ Encourage knowledge-sharing prac ces within the
development team.

Regression Tes ng:

Regression tes ng validates that changes Ÿ Develop and maintain a robust suite of automated
do not adversely impact exis ng regression tests.
func onality. Ÿ Execute regression tests as part of the CI/CD
pipeline to catch issues early.

User Involvement:

Involving end-users throughout the Ÿ Conduct user tes ng sessions and gather feedback
development lifecycle ensures that during development.
changes align with user needs. Ÿ Itera vely incorporate user sugges ons to enhance
user sa sfac on.

By adhering to these principles, so ware development teams can navigate the complexity of evolving
needs and changes, fostering agility, adaptability, and the delivery of high-quality so ware solu ons.

108
 Application Developer-Web & Mobile

6.1.6 Employing Various Cloud Computing Platforms and

Services in the Development Process
Cloud compu ng has become an indispensable component of modern so ware development, offering a
flexible and scalable infrastructure that can significantly enhance the development process.

Fig. 6.1.8 Cloud compu ng types

Here's how organiza ons can strategically employ various cloud compu ng pla orms and services to
streamline and op mize their development workflows:

· Infrastructure as a Service (IaaS):

IaaS provides virtualized compu ng resources over the internet, allowing developers to access
scalable and on-demand infrastructure.
· Benefits: Developers can leverage virtual machines, storage, and networking resources
without the need to invest in and manage physical hardware. This flexibility ensures
efficient resource u liza on and cost-effec veness.
· Pla orm as a Service (PaaS):

PaaS abstracts the underlying infrastructure, providing a ready-to-use pla orm with pre-
configured tools and services for applica on development.
· Benefits: Development teams can focus on coding and applica on logic, reducing the
burden of infrastructure management. PaaS accelerates the development process by
providing a standardized and collabora ve environment.

· Containeriza on and Orchestra on:

Containeriza on, exemplified by tools like Docker, packages applica ons and their dependencies
into isolated units. Orchestra on tools like Kubernetes manage the deployment and scaling of
these containers.

109
Par cipant Handbook

· Benefits: Containeriza on ensures consistency across different environments, simplifies

applica on deployment, and enhances scalability. Orchestra on streamlines the
management of complex, distributed applica ons.

· Serverless Compu ng:

Serverless compu ng, or Func on as a Service (FaaS), allows developers to run code without
managing the underlying infrastructure. Code executes in response to events or triggers.
· Benefits: Developers can focus solely on wri ng code, paying only for actual usage.
Serverless architectures enhance scalability, reduce opera onal overhead, and support
microservices-based development.
· Database as a Service (DBaaS):

DBaaS provides managed database solu ons, allowing developers to access and use databases
without worrying about administra ve tasks.
· Benefits: Organiza ons can ensure high availability, scalability, and efficient
management of databases. Developers can concentrate on applica on development
without concerning themselves with database maintenance.

· Content Delivery Networks (CDN):

CDNs distribute content across a network of servers geographically dispersed around the globe,
ensuring faster and more reliable content delivery.

· Benefits: CDNs reduce latency, enhance the performance of web applica ons, and
improve the user experience by delivering content from servers closer to end-users.
· Authen ca on and Authoriza on Services:

Cloud-based authen ca on and authoriza on services manage user iden es and access
controls for applica ons.
· Benefits: Organiza ons can enhance security by leveraging robust iden ty management
solu ons, ensuring secure access to applica ons and resources.

· Monitoring and Logging Services:

Cloud-based monitoring and logging services provide insights into applica on performance and
help troubleshoot issues by tracking system logs.

· Benefits: Development teams can proac vely manage resources, iden fy bo lenecks,
and op mize applica on performance through con nuous monitoring and logging.
· DevOps and Con nuous Integra on/Con nuous Deployment (CI/CD):

Cloud-based DevOps tools and CI/CD pipelines automate development workflows, tes ng, and
deployment processes.
· Benefits: These tools streamline collabora on between development and opera ons
teams, automate tes ng, and enable con nuous delivery. This results in faster and more

110
 Application Developer-Web & Mobile

reliable releases.
· Machine Learning and AI Services:
Cloud providers offer pre-built machine learning models and AI services that developers can
integrate into their applica ons.

· Benefits: Organiza ons can infuse intelligent features into their applica ons without the
need for extensive exper se in machine learning. This accelerates the development of
AI-driven func onali es.
· Security and Compliance Services:

Cloud-based security and compliance tools provide robust measures to safeguard applica ons
and ensure adherence to industry standards and regula ons.
· Benefits: Organiza ons can enhance the security posture of their applica ons by
leveraging built-in security features and ensuring compliance with regulatory
requirements.
By strategically employing these various cloud compu ng pla orms and services, organiza ons can
unlock a myriad of benefits, including increased agility, improved scalability, reduced opera onal
complexity, and accelerated development cycles. The cloud's inherent flexibility allows development
teams to focus on innova on while op mizing resources, ul mately leading to the delivery of high-quality
and resilient so ware solu ons.

6.1.7 Applying Principles of Code and Design Quality for

Effective and Scalable Solutions
Ensuring high-quality code and design is a cri cal aspect of so ware development that directly impacts
the reliability, maintainability, and scalability of solu ons.

Let's delve deeper into the key principles and their prac cal implica ons:
Clear Code Structure:
· Principle: Organizing code logically involves grouping related func onali es together and defining
clear boundaries between different components or modules.

· Implementa on: Use modular pa erns like MVC (Model-View-Controller) or MVVM (Model-
View-ViewModel) to compartmentalize code. Employ package and namespace structures that
reflect the applica on's architecture.

111
Par cipant Handbook

Fig. 6.1.9 So ware design principles

Modularity and Encapsula on:

· Principle: Breaking down the code into modular components enhances maintainability and allows
for independent development and tes ng of dis nct features.
· Implementa on: Design classes and modules that encapsulate specific func onali es. U lize
access modifiers to control the visibility of internal components, promo ng encapsula on.

Effec ve Naming Conven ons:

· Principle: Descrip ve and consistent naming conven ons contribute to code readability, aiding
developers in understanding the purpose of variables, func ons, and classes.
· Implementa on: Choose meaningful names that convey the intent of the elements. Follow
language-specific naming conven ons, ensuring uniformity across the codebase.
Code Comments and Documenta on:
· Principle: Comments and documenta on provide context and insight into the codebase, aiding
developers who may not be familiar with the implementa on.

· Implementa on: Embed comments for complex algorithms, business logic, or any non-trivial
code sec ons. Maintain up-to-date documenta on outlining project structure, dependencies,
and coding guidelines.

DRY (Don't Repeat Yourself) Principle:

· Principle: Reusability is a cornerstone of maintainable code. The DRY principle advocates for
elimina ng redundancy by crea ng reusable components.

· Implementa on: Iden fy pa erns or common func onali es and encapsulate them into
func ons, methods, or libraries. Leverage inheritance and polymorphism to foster code reuse.

112
 Application Developer-Web & Mobile

Consistent Coding Style:

· Principle: A consistent coding style promotes collabora on and maintains a cohesive appearance
throughout the codebase.

· Implementa on: Enforce coding style through linters or style guides. Adopt a version control
system to track changes consistently.
Error Handling and Logging:
· Principle: Robust error handling ensures that the applica on gracefully handles unexpected
scenarios, while logging facilitates effec ve debugging and issue resolu on.
· Implementa on: Implement try-catch blocks for an cipated errors. U lize logging frameworks to
record relevant informa on during run me, aiding in troubleshoo ng.

Scalability Considera ons:

· Principle: Designing with scalability in mind involves an cipa ng growth and ensuring the
applica on can handle increased demands.
· Implementa on: Employ scalable architectures, such as microservices or serverless. Op mize
database queries, u lize caching mechanisms, and implement load balancing to distribute
workloads efficiently.
Performance Op miza on:

· Principle: Priori ze efficient algorithms and coding prac ces to enhance applica on performance.

· Implementa on: Profile code to iden fy bo lenecks. Op mize cri cal sec ons, minimize
database queries, and employ caching strategies. Leverage asynchronous programming where
applicable.

Security Best Prac ces:

· Principle: Embedding security measures into the codebase is crucial for protec ng against
vulnerabili es and threats.

· Implementa on: Sani ze inputs to prevent SQL injec on. Validate user inputs to mi gate cross-
site scrip ng (XSS) a acks. Regularly update dependencies to address security vulnerabili es.
Tes ng and Test-Driven Development (TDD):

· Principle: Tes ng, including unit tests and test-driven development, ensures the reliability and
correctness of the codebase.
· Implementa on: Write unit tests for individual components. Prac ce TDD by wri ng tests before
implemen ng new features. Integrate automated tes ng into the con nuous integra on pipeline.

Code Reviews and Collabora on:

· Principle: Regular code reviews facilitate knowledge sharing, catch issues early, and maintain a
high standard of code quality.

113
Par cipant Handbook

· Implementa on: Establish a code review process where team members provide construc ve
feedback. Use collabora ve tools to streamline the review process and ensure consistency.

Fig. 6.1.10 Code quality is not so ware quality

By conscien ously implemen ng these principles, development teams can elevate the quality of their
code and design, fostering a so ware development environment that is not only effec ve and scalable
but also sustainable over the long term. Priori zing code quality is an investment that pays dividends in
the form of a resilient, maintainable, and adaptable so ware solu on.

114
 Application Developer-Web & Mobile

Exercise
Answer the following ques ons:
Short Ques ons:

1. What is the primary objec ve of good programming styles and documenta on habits?

2. How can scrip ng languages be u lized in so ware development?

3. Why is the use of appropriate tools crucial in the so ware development lifecycle?
4. What is the significance of configuring opera ng system components for op mal performance?

5. Why is iden fying and managing so ware development needs essen al for project success?

Fill-in-the-Blanks:
1. Effec ve programming styles enhance code __________ and __________.
a) Complexity, confusion
b) Readability, maintainability
2. Scrip ng languages are commonly used to automate tasks and develop __________ programs.
a) Complex
b) Simple
3. U lizing appropriate tools in so ware development ensures efficient __________, __________,
and __________.
a) Coding, debugging, tes ng
b) Building, debugging, tes ng
4. Configuring opera ng system components contributes to achieving op mal system __________.
a) Stability
b) Performance
5. Managing so ware development needs involves effec ve handling of requirements __________
and __________.
a) Removal, addi on
b) Elicita on, changes

True/False Ques ons:

1. Good programming styles primarily focus on maximizing code complexity. (True/False)
2. Scrip ng languages are not suitable for developing simple programs. (True/False)

3. U lizing appropriate tools in so ware development is op onal and does not impact project
outcomes. (True/False)
4. Configuring opera ng system components has no significant impact on system performance.
(True/False)

5. Managing so ware development needs does not involve addressing changes in requirements.
(True/False)

115
Par cipant Handbook

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/qEw8qlRX05A
Web Development Tools I Use to
Increase Produc vity

116
 Application Developer-Web & Mobile

117
7. Continuous
Integration, Delivery
and Deployment

Unit 7.1 - Founda ons of Con nuous Integra on, Delivery, and
Deployment

Unit 7.2 - Advanced CI/CD Prac ces and Automa on Tools

SSC/N8417
 Application Developer-Web & Mobile

Key Learning Outcomes

At the end of this module, you will be able to:
1. Discuss the principles of con nuous integra on, con nuous delivery and con nuous deployment
2. Explain about version control

3. Demonstrate how to manage changes to source code using standard version control tools

4. Discuss how to secure the source code repository

5. Examine and evaluate standard prac ces for code tagging, branching, merger and integra on

6. Demonstrate how to integrate version control systems with the deployed project management tools

7. Explain different types of applica on environment variables and how to manage the configura ons
of target environments
8. Demonstrate how to automate applica on tes ng using standard tools and scripts

9. Demonstrate how to write test cases to indent failure

10. Explain how to con nuously integrate bugs fixes in the applica on builds
11. Discuss best prac ces for applica on deployment

12. Demonstrate how to push applica ons to their appropriate services (such as web servers, API
services, database services etc.)
13. Demonstrate how to automate the CI/CD (con nuous integra on/con nuous delivery) pipeline
using standard automa on tools (such as Chef, Bamboo etc.)

119
Par cipant Handbook

UNIT 7.1: Founda ons of Con nuous Integra on, Delivery, and
Deployment
Unit Objectives
At the end of this unit, you will be able to:
1. Discuss the principles of con nuous integra on, con nuous delivery and con nuous deployment
2. Explain about version control
3. Demonstrate how to manage changes to source code using standard version control tools

4. Discuss how to secure the source code repository

5. Examine and evaluate standard prac ces for code tagging, branching, merger and integra on
6. Demonstrate how to integrate version control systems with the deployed project management tools

7.1.1 Principles of Continuous Integration (CI), Continuous

Delivery (CD), and Continuous Deployment (CD)
CI/CD principles have become integral to modern so ware development, offering a systema c and
automated approach to building, tes ng, and deploying so ware, leading to faster, more reliable, and
error-free releases.

Fig. 7.1.1 Con nuous Integra on and Con nuous Delivery (CI/CD)

Con nuous Integra on (CI):

Con nuous Integra on is a development prac ce that involves regularly integra ng code changes from
mul ple contributors into a shared repository. The primary principles include:
· Frequent Code Integra on: Developers integrate their code changes into a shared repository

120
 Application Developer-Web & Mobile

mul ple mes a day, preven ng code silos and reducing integra on issues.

· Automated Builds and Tests: Automated processes trigger builds and run tests whenever code
changes are integrated, ensuring early detec on of errors.
· Immediate Feedback: Rapid feedback on code changes allows developers to iden fy and address
issues early in the development cycle, promo ng collabora on and quick resolu on.

Con nuous Delivery (CD):

Con nuous Delivery extends CI by automa ng the en re so ware delivery process up to the produc on
environment. Key principles include:

· Automated Deployment: Automated deployment processes enable the rapid and reliable release
of so ware to various environments, ensuring consistency and reducing manual errors.
· Incremental Updates: Delivering so ware updates in small, incremental steps allows for more
manageable releases, minimizing disrup ons and facilita ng quick rollbacks if necessary.

· Deployment Pipeline: The deployment process is structured as a pipeline, consis ng of stages

such as building, tes ng, and deploying. Each stage is automated, providing visibility and control.
Con nuous Deployment (CD):

Con nuous Deployment takes the automa on further, deploying code changes directly to produc on
without manual interven on. Key principles include:
· Automated Produc on Deployment: Code changes that pass all tests are automa cally deployed
to produc on, reducing me-to-market and enhancing agility.

· Zero Down me: Techniques like blue-green deployments or canary releases ensure that users
experience minimal to no disrup on during deployments.

· Con nuous Monitoring: Con nuous monitoring of produc on environments helps iden fy and
address issues promptly, maintaining the stability and reliability of the deployed applica on.
Significance in Modern So ware Development:

Fig. 7.1.2 Characteris cs of modern so ware development

121
Par cipant Handbook

· Accelerated Development Lifecycle: CI/CD prac ces shorten development cycles by automa ng
repe ve tasks, allowing teams to release so ware faster and more frequently.

· Reduced Errors and Bugs: Automated tes ng in CI/CD pipelines catches errors early, reducing the
likelihood of bugs in produc on and enhancing the overall so ware quality.
· Enhanced Collabora on: CI/CD promotes collabora on between development, tes ng, and
opera ons teams, fostering a culture of shared responsibility and communica on.

· Agility and Flexibility: Con nuous Deployment allows for rapid adapta on to changing
requirements, market condi ons, and user feedback, enhancing the overall agility of
development teams.

· Increased Confidence in Releases: The automated and standardized deployment process ins lls
confidence in the reliability and predictability of so ware releases.

7.1.2 Fundamentals of Version Control and Its Role in

Collaborative Development
Version control is a system that records changes to files over me, allowing mul ple contributors to work
on a project simultaneously. It tracks modifica ons, facilitates collabora on, and provides a history of
changes.

Fig. 7.1.3 The basics of so ware version control

122
 Application Developer-Web & Mobile

Key Fundamentals:

· Repository: Version control systems store project files and their history in a repository. There are
two main types: centralized (e.g., SVN) and distributed (e.g., Git).
· Commit: A commit is a snapshot of changes made to files at a specific point in me. Commits
create a revision history, enabling developers to track modifica ons.

· Branching: Branches allow developers to create separate lines of development. This feature is
crucial for parallel work on features, bug fixes, or experiments without affec ng the main
codebase.

· Merging: Merging combines changes from different branches into a single branch. It ensures that
modifica ons made by different developers are integrated seamlessly.
· Conflict Resolu on: When two or more developers modify the same code simultaneously,
conflicts may arise. Version control systems provide tools to resolve these conflicts.

· Tagging: Tagging involves assigning a label to a specific commit, marking significant points in
development, such as releases or milestones.
Role in Collabora ve Development:

· Concurrency: Version control enables mul ple developers to work on the same project
concurrently. Each can make changes independently, and the system merges modifica ons
efficiently.

· History Tracking: Developers can review the en re history of changes, including who made each
change, when, and why. This historical context is valuable for debugging, audi ng, and
understanding project evolu on.
· Collabora on: Version control promotes collabora on by providing a centralized pla orm for
team members to share, review, and contribute to the codebase.

· Branching for Features: Teams can create branches for specific features or fixes. This allows
developers to work independently on their tasks without affec ng the stability of the main
codebase.

· Code Stability: Version control helps maintain code stability by allowing developers to isolate
experimental features or bug fixes in separate branches un l they are ready for integra on.
· Rollback and Recovery: In case of errors or undesired changes, version control allows teams to roll
back to a previous, stable state. This feature ensures recoverability and reduces the risk of data
loss.
· Collabora ve Code Reviews: Version control systems o en integrate with code review tools,
facilita ng collabora ve code reviews. Team members can comment on changes, suggest
improvements, and ensure code quality.
· Distributed Development: With distributed version control systems like Git, developers can work
independently and synchronize their changes when needed. This decentraliza on enhances

123
Par cipant Handbook

flexibility in collabora ve projects.

In conclusion, version control is a founda onal aspect of collabora ve so ware development, providing a
structured and efficient way for teams to manage code changes, collaborate seamlessly, and ensure the
stability and quality of the so ware project.

7.1.3 Demonstrating Source Code Management with

Version Control Tools
In this demonstra on, Git will be used as a standard version control tool to manage changes to source
code.
Git is a widely adopted distributed version control system known for its flexibility and efficiency.

Prerequisites:

· Git installed on your local machine

· A Git repository ini alized or cloned from a remote repository

Fig. 7.1.4 Source code management: an introduc on

Demonstra on Steps:

Commi ng Changes:
· Make changes to the source code files in your working directory.
· Open a terminal and navigate to your project directory.

· Use the following commands:

git status # View the changes made to files

124
 Application Developer-Web & Mobile

git add . # Stage the changes for commit

git commit -m "Descrip on of the changes made" # Commit the changes

This sequence captures your changes in a commit, crea ng a snapshot in the version history.

Pushing Changes:

· If you're collabora ng with others, you'll want to push your commi ed changes to a remote
repository.
· Use the following command:

git push origin master # Push changes to the 'master' branch (adjust as needed)
This command updates the remote repository with your local changes.
Pulling Changes:

· If other team members have made changes to the remote repository, you'll want to incorporate
those changes into your local copy.
· Use the following command:

git pull origin master # Pull changes from the 'master' branch (adjust as needed)

This command fetches changes from the remote repository and merges them into your local branch.
Handling Branches:

· Create a new branch for a specific feature or bug fix:

git checkout -b feature-branch # Create and switch to a new branch

· Make changes in the new branch, commit them, and push the branch to the remote repository.

git push origin feature-branch # Push changes to the remote feature branch
· Collaborators can then pull and review the changes in the new branch.
Inspec ng History:
· View the commit history:

git log # Display commit history

· Explore the details of a specific commit:
git show <commit-hash> # Show details of a commit

These basic Git commands cover the essen al opera ons for managing changes to source code.
Remember to adapt branch and remote names based on your specific project setup.

125
Par cipant Handbook

7.1.4 Strategies and Practices for Securing Source Code

Repositories
Securing source code repositories is paramount to maintaining the integrity, confiden ality, and
availability of the codebase.

Fig. 7.1.5 How to write a security pa ern

Here are essen al strategies and prac ces to ensure the security of your source code repository:

· Access Control:

o Implement robust access control mechanisms to restrict repository access based on roles
and responsibili es.
o Regularly review and update user permissions to align with project requirements.

· Authen ca on and Authoriza on:

o Enforce strong authen ca on mechanisms to verify the iden ty of users accessing the
repository.

o Use authoriza on mechanisms to control the ac ons users can perform within the
repository.
· Encryp on:

o Enable encryp on for both data in transit and data at rest to safeguard code during
transmission and storage.
o U lize HTTPS/SSL for secure communica on between local repositories and remote
servers.

· Branch Restric ons:

o Implement branch-level access restric ons to control who can make changes to cri cal
branches (e.g., master or main).

o This helps prevent unauthorized modifica ons to essen al code.

126
 Application Developer-Web & Mobile

· Audit Trails:
o Enable and regularly review audit trails to track user ac vi es, including commits, pulls, and
merges.
o Audi ng provides visibility into changes made to the repository and aids in iden fying
poten al security incidents.

· Code Signing:

o Implement code signing to verify the authen city and integrity of code changes.
o Code signing ensures that only authorized contributors can commit code to the repository.

· Secure Communica on:

o Use secure communica on channels (e.g., SSH) for interac ng with remote repositories.
o Employ VPNs for addi onal security when accessing repositories over public networks.
· Regular Security Audits:

o Conduct regular security audits to iden fy vulnerabili es and address poten al risks.
o Periodically review and update security policies based on audit findings.
· Two-Factor Authen ca on (2FA):

o Enforce two-factor authen ca on for an extra layer of security.

o 2FA adds an addi onal step beyond password protec on, enhancing overall repository
security.

· Backup and Recovery:

o Implement regular backup processes to ensure the availability of the repository in case of
data loss or corrup on.
o Test the restora on process periodically to validate backup integrity.

· Security Training:
o Educate developers and repository users on secure coding prac ces and the importance of
adhering to security policies.

o Promote awareness of common security threats such as phishing and social engineering.
· Vendor Security (For Cloud Repositories):
o If using a cloud-based repository service, ensure the vendor follows industry best prac ces
for security.

o Review the vendor's security cer fica ons and compliance with data protec on standards.
Patch and Update Management:
o Regularly update and patch the version control system to address security vulnerabili es.

127
Par cipant Handbook

o Stay informed about security updates and apply them promptly.

· Third-Party Dependencies:

o Monitor and update third-party dependencies to address known vulnerabili es.

o Regularly scan for dependencies with security issues using tools like dependency checkers.
By implemen ng these strategies and prac ces, development teams can establish a secure environment
for their source code repositories, mi ga ng the risk of unauthorized access, data breaches, and other
security threats.

7.1.5 Examining and Evaluating Standard Practices for

Collaborative Development
Collabora ve development relies on effec ve strategies for code tagging, branching, merging, and
integra on. Let's explore the standard prac ces for each of these aspects and evaluate their significance
in fostering collabora on:
· Code Tagging:

o Prac ce: Tagging involves marking specific points in the version history to denote releases,
milestones, or significant changes.
o Significance: Tags provide a clear reference for stable points in development, facilita ng
reproducibility and version iden fica on.

· Branching:

o Prac ce: Branching involves crea ng independent lines of development to work on

features or fixes without impac ng the main codebase.

o Significance: Branches enable parallel development, allowing teams to work on different

features concurrently. They isolate changes un l they are ready for integra on.
· Merging:
o Prac ce: Merging combines changes from one branch into another, typically integra ng
features or bug fixes back into the main branch.
o Significance: Merging ensures that changes made in isolated branches are incorporated
into the main codebase, maintaining a cohesive and up-to-date project.

· Integra on:

o Prac ce: Integra on involves bringing together changes from mul ple contributors into a
shared repository or branch.
o Significance: Regular integra on prevents divergence of codebases and iden fies conflicts
early, promo ng a smoother collabora ve development process.

128
 Application Developer-Web & Mobile

Fig. 7.1.6 HTML tags for web development

Evalua on:

· Efficiency:
o Tagging: Efficiently tagged releases simplify version management and deployment
processes.

o Branching: Well-managed branches enhance development efficiency by enabling parallel

work on different features or bug fixes.
o Merging: Streamlined merging processes reduce the me and effort required to integrate
changes.

o Integra on: Regular integra on minimizes the risk of conflicts and ensures a con nuously
stable codebase.
· Isola on and Collabora on:

o Tagging: Tags provide a snapshot of code at specific points, aiding in isola ng releases.

o Branching: Isolated branches allow teams to work independently without impac ng the
main codebase, promo ng collabora ve development.

o Merging: Efficient merging mechanisms contribute to smooth collabora on by

129
Par cipant Handbook

incorpora ng changes seamlessly.

o Integra on: Con nuous integra on fosters collabora on by bringing together changes
from mul ple contributors regularly.

· Release Management:
o Tagging: Tagged releases simplify version tracking and facilitate efficient release
management.

o Branching: Release branches can be created for stable versions, enabling focused bug fixes
without disrup ng ongoing development.
o Merging: Merging bug fixes into release branches ensures that stable releases are kept up
to date.
o Integra on: Con nuous integra on supports automated tes ng and valida on before
releases, enhancing overall release management.

· Conflict Resolu on:

o Tagging: Tags serve as reference points for stable releases, aiding in conflict resolu on
during deployment.
o Branching: Isolated branches minimize conflicts during development, with conflicts being
addressed during the merging process.
o Merging: Efficient merging prac ces include resolving conflicts promptly to maintain code
integrity.

o Integra on: Regular integra on helps iden fy conflicts early, allowing teams to address
them in a mely manner.

Fig. 7.1.7 SQL Database Project Code Branching in Git

In summary, adop ng standard prac ces for code tagging, branching, merging, and integra on is crucial
for collabora ve development. These prac ces enhance efficiency, isolate development efforts, support
release management, and streamline conflict resolu on, contribu ng to a more seamless and produc ve
collabora ve development process.

130
 Application Developer-Web & Mobile

Fig. 7.1.8 Feature Branching and Pull-Request Strategy with Git, GitHub and VSCode

7.1.6 Demonstrating Integration of Version Control

Systems with Project Management Tools
Integra ng version control systems (VCS) with project management tools is essen al for streamlining
collabora on between development and project management. Here's a demonstra on of how to achieve
this integra on:

Fig. 7.1.9 Version Control Systems (VCS)

· Step 1: Choose a Version Control System (VCS)

Select a widely used VCS such as Git, Mercurial, or SVN based on the project requirements and
team preferences.

131
Par cipant Handbook

· Step 2: Set Up the Version Control System:

Ini alize a Git Repository (Example for Git):
git init

Add and Commit Ini al Files:

git add .
git commit -m "Ini al commit"

· Step 3: Choose a Project Management Tool

Select a project management tool compa ble with the chosen VCS. Popular op ons include Jira,
Trello, Asana, or GitHub Projects.

· Step 4: Integrate Version Control with Project Management Tool

¨ Generate API Tokens or Creden als:

o Obtain API tokens or creden als from the project management tool to
authen cate the integra on.
¨ Configure Webhooks (Example for GitHub and Jira):
o In GitHub, go to the repository se ngs, choose "Webhooks," and add a new
webhook.
o Configure the payload URL with the endpoint provided by the project management
tool.

o Select the events (e.g., push, pull request) to trigger webhook no fica ons.

¨ Enable Integra ons:

o Explore built-in integra ons or plugins provided by the project management tool.
For example, GitHub and Jira offer a na ve integra on.

¨ Link Commits to Issues:

o Include issue or cket numbers in commit messages to automa cally link code
changes to specific tasks in the project management tool.

· Step 5: Track and Manage Work

¨ Create Tasks or Issues in Project Management Tool:

o Define tasks, user stories, or issues in the project management tool to represent
work items.

¨ Reference Issues in Commit Messages:

o When making changes related to a specific task, reference the issue number in the
commit message (e.g., "Fixes #123").

132
 Application Developer-Web & Mobile

¨ Automa c Updates:
o As commits are pushed to the repository, the integra on automa cally updates
the associated tasks in the project management tool.

· Step 6: Monitor Progress

¨ View Project Board:
o Use the project management tool's board to visualize the progress of tasks,
monitor development status, and track comple on.
¨ Receive No fica ons:
o Team members receive no fica ons in the project management tool when code
changes or commits are made.

· Step 7: Collaborate Effec vely

¨ Use Commen ng Features:

o Collaborate within the project management tool by u lizing commen ng features

on tasks or issues.
¨ Reference Code in Issues:
o Link directly to code snippets, branches, or pull requests in the project
management tool for comprehensive context.
By following these steps, teams can seamlessly integrate version control systems with project
management tools, fostering collabora on, providing visibility into project progress, and enhancing
communica on between development and project management teams.

133
Par cipant Handbook

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/QuCekFcb6m4
Con nuous Deployment vs
Con nuous Delivery

134
 Application Developer-Web & Mobile

UNIT 7.2: Advanced CI/CD Prac ces and Automa on Tools

Unit Objectives
At the end of this unit, you will be able to:
1. Explain different types of applica on environment variables and how to manage the configura ons of
target environments
2. Demonstrate how to automate applica on tes ng using standard tools and scripts

3. Demonstrate how to write test cases to indent failure

4. Explain how to con nuously integrate bugs fixes in the applica on builds
5. Discuss best prac ces for applica on deployment

6. Demonstrate how to push applica ons to their appropriate services (such as web servers, API
services, database services etc.)
7. Demonstrate how to automate the CI/CD (con nuous integra on/con nuous delivery) pipeline using
standard automa on tools (such as Chef, Bamboo etc.)

7.2.1 Exploring Application Environment Variables and

Configuration Management Strategies
In modern so ware development, managing configura ons across various target environments is crucial
for ensuring a consistent and reliable applica on deployment.

Fig. 7.2.1 Using environment variables in App pla orm

Let's delve into different types of applica on environment variables and strategies for effec ve
configura on management:

135
Par cipant Handbook

Types of Applica on Environment Variables:

· Environment-Specific Variables:
o Purpose: Tailored for specific environments (e.g., development, tes ng, produc on).
o Example: Database connec on strings, API endpoints, debug modes.

· Sensi ve Informa on:

o Purpose: Store confiden al data securely.
o Example: API keys, database passwords, encryp on keys.

· Feature Flags:
o Purpose: Enable or disable specific features dynamically.
o Example: Beta features, experimental func onali es.

· Logging and Debugging Variables:

o Purpose: Control logging levels and debugging behavior.

o Example: Log verbosity levels, error handling se ngs.

· Performance Tuning:

o Purpose: Fine-tune applica on performance.

o Example: Cache dura ons, thread pool sizes, resource limits.

Fig. 7.2.2 So ware configura on management

136
 Application Developer-Web & Mobile

Strategies for Managing Configura ons:

· Configura on Files:
o Descrip on: Store configura on se ngs in dedicated files (e.g., YAML, JSON).
o Advantages: Easily readable, version-controlled, and manageable.

o Considera ons: Ensure security for sensi ve informa on.

· Environment Variables:
o Descrip on: Set configura on values as environment variables.

o Advantages: Dynamically adjust configura ons without code changes.

o Considera ons: Limited readability and discoverability.
· Secrets Management Tools:

o Descrip on: Use tools designed for secure storage of sensi ve data.

o Advantages: Centralized management, access control, encryp on.

o Considera ons: Integra on with CI/CD pipelines for automated deployments.

· Infrastructure as Code (IaC):

o Descrip on: Define configura ons alongside infrastructure setup.

o Advantages: Consistency across environments, version control.

o Considera ons: Learning curve, poten al complexity.

· Database-backed Configura ons:

o Descrip on: Store configura ons in a dedicated database table.

o Advantages: Dynamic updates, centralized management.

o Considera ons: Database dependency, poten al performance impact.

· Container Orchestra on Pla orms:
o Descrip on: Leverage pla orm-specific features for configura on.

o Advantages: Scalability, flexibility, consistency.

o Considera ons: Learning curve, pla orm-specific.
· Dynamic Configura on Reload:

o Descrip on: Enable applica ons to reload configura ons without restart.
o Advantages: Real- me adjustments, minimal down me.
o Considera ons: Implementa on complexity, poten al risks.

138
Par cipant Handbook

Best Prac ces:

· Security: Encrypt sensi ve informa on and limit access to configura on se ngs.

· Version Control: Keep configura ons under version control to track changes and ensure
reproducibility.

· Documenta on: Maintain comprehensive documenta on for configura on se ngs and their
purposes.
· Tes ng Environments: Mimic produc on configura ons in tes ng environments for accurate
tes ng.

· Audit Trails: Implement logs or audit trails for configura on changes to trace modifica ons.
· Automated Deployment: Integrate configura on management into automated deployment
pipelines.

By understanding the various types of applica on environment variables and employing effec ve
configura on management strategies, development teams can ensure consistency, security, and
flexibility across different target environments. These prac ces contribute to smoother deployments,
easier maintenance, and enhanced overall applica on reliability.

7.2.2 Demonstrating Automated Application Testing in

CI/CD Pipeline
Automa ng applica on tes ng is crucial for ensuring the reliability and quality of so ware throughout
the con nuous integra on and con nuous deployment (CI/CD) pipeline.

Fig. 7.2.3 Con nuous Integra on & Con nuous Delivery

139
 Application Developer-Web & Mobile

Below is a demonstra on using standard tools and scripts to automate tes ng within the CI/CD pipeline:
Step 1: Choose Tes ng Framework and Tools
· Select a Tes ng Framework:

o Choose a tes ng framework suitable for your applica on (e.g., JUnit for Java, pytest for
Python, Jasmine for JavaScript).
· Iden fy Tes ng Tools:

o U lize tes ng tools compa ble with the chosen framework (e.g., Selenium for web
applica on tes ng, JUnit for Java applica ons).
Step 2: Write Test Scripts
· Create Test Cases:

o Write comprehensive test cases covering various aspects of your applica on, including unit
tests, integra on tests, and end-to-end tests.
· Use Test Framework Conven ons:

o Follow conven ons of the chosen tes ng framework for organizing and structuring test
scripts.
Step 3: Integrate Tes ng into CI/CD Pipeline

· Configure CI/CD Pla orm:

o Choose a CI/CD pla orm (e.g., Jenkins, GitLab CI, GitHub Ac ons) and configure it to trigger
automated tests upon code changes.
· Define Test Execu on Stage:

o Create a dedicated stage in the CI/CD pipeline specifically for running automated tests.
Step 4: Set Up Test Environment

· Prepare Test Environment:

o Ensure the test environment is configured to mimic the produc on environment as closely
as possible.

· Deploy Applica on:

o Deploy the applica on in the test environment before running automated tests.
Step 5: Execute Automated Tests
· Run Unit Tests:

o Execute unit tests to validate the func onality of individual components.

· Perform Integra on Tests:
o Conduct integra on tests to verify interac ons between different modules.

· Execute End-to-End Tests:

140
Par cipant Handbook

o Run end-to-end tests to simulate user interac ons and validate the applica on's behavior
as a whole.
Step 6: Analyze Test Results

· Interpret Test Results:

o Analyze test results generated by the tes ng framework to iden fy passed and failed tests.
· Generate Reports:

o U lize built-in repor ng features of the tes ng framework or integrate repor ng tools to
generate detailed test reports.
Step 7: Implement Test Coverage
· Monitor Code Coverage:

o Use tools to measure code coverage and ensure that tests cover a significant por on of the
codebase.
· Adjust Test Suite:

o Con nuously refine and expand the test suite to improve overall test coverage.

Step 8: Integrate with Version Control

· Version Control Integra on:

o Integrate automated tests with version control systems to trigger tests on every code
commit or pull request.
Step 9: Handle Test Failures
· Automated No fica ons:

o Implement automated no fica ons to alert the development team in case of test failures.
· Integrate with Issue Tracking:
o Integrate test failures with issue tracking systems for streamlined bug resolu on.

Step 10: Con nuous Improvement

· Feedback Loop:
o Establish a feedback loop to con nuously improve test coverage and the effec veness of
automated tes ng.

By following these steps, teams can seamlessly integrate automated tes ng into their CI/CD pipeline,
ensuring rigorous tes ng at each stage of development. This approach enhances the reliability of the
applica on, accelerates the development cycle, and provides mely feedback to the development team.

141
 Application Developer-Web & Mobile

7.2.3 Continuous Integration of Bug Fixes and Best

Practices for Application Deployment
Ensuring a smooth and efficient development process involves not only con nuous integra on of new
features but also the seamless integra on of bug fixes. Addi onally, deploying applica ons successfully
requires adherence to best prac ces.

Fig. 7.2.4 Best prac ces for a successful transi on

Let's explore how to con nuously integrate bug fixes and discuss best prac ces for applica on
deployment:
Con nuous Integra on of Bug Fixes:
· Iden fy and Priori ze Bugs:

o Regularly monitor bug reports and iden fy cri cal issues.

o Priori ze bugs based on severity and impact on the applica on.

· Isolate Bug Fixes:

o Create dedicated branches or patches for each bug fix to isolate changes.

o This ensures that bug fixes do not interfere with ongoing development.
· Automate Tes ng for Bug Fixes:

o Integrate automated tests specifically targe ng the bug fixes.

o Ensure that the test suite covers the specific scenarios related to iden fied bugs.
· Implement Con nuous Integra on (CI):

o Integrate bug fix branches into the main development branch using CI tools.

o CI pipelines should run automated tests and perform code analysis to validate bug fixes.

142
Par cipant Handbook

· Automated Code Reviews:

o Set up automated code review processes to maintain code quality and consistency during
bug fix integra ons.

· Version Control System Tagging:

o Tag releases in the version control system to mark bug fix releases separately.
o Use seman c versioning to clearly communicate the nature of changes.

Fig. 7.2.5 Web applica on deployment

Best Prac ces for Applica on Deployment:

· Environment Consistency:
o Ensure consistency between development, tes ng, and produc on environments.

o Use containeriza on tools like Docker to package applica ons with dependencies.

· Automated Deployment Scripts:

o Create automated deployment scripts to streamline the deployment process.
o Scripts should handle tasks such as database migra ons, configura on updates, and
applica on startup.
· Rolling Deployments:
o Implement rolling deployments to minimize down me during updates.

o Gradually deploy updates across mul ple servers or instances.

· Monitoring and Rollback Procedures:

o Implement robust monitoring tools to track applica on performance post-deployment.

143
 Application Developer-Web & Mobile

o Establish rollback procedures in case issues arise, allowing a quick return to the previous
version.

· Immutable Infrastructure:

o Explore the use of immutable infrastructure where deployments involve replacing en re

instances rather than upda ng exis ng ones.
o This ensures consistency and reduces the risk of configura on dri .

· Con nuous Deployment Pipeline:

o Set up a con nuous deployment pipeline to automate the deployment process.
o Automate the promo on of successfully tested builds to produc on.

· Configura on Management:

o U lize configura on management tools to manage applica on configura ons across

different environments.

o This ensures consistency and reduces the likelihood of deployment-related issues.

· Performance Tes ng in Produc on-Like Environments:

o Conduct performance tes ng in produc on-like environments before deploying to
produc on.

o This helps iden fy and address poten al performance issues before impac ng users.
· User Communica on:
o Communicate upcoming deployments to end-users, especially for scheduled maintenance
windows.

o Provide release notes detailing bug fixes and new features.

· Post-Deployment Monitoring:

o Implement post-deployment monitoring to detect anomalies or issues that may arise a er

a new version goes live.
By integra ng bug fixes con nuously and adhering to best prac ces for deployment, development teams
can ensure a reliable and efficient so ware development lifecycle, delivering high-quality applica ons to
end-users.

7.2.4 Demonstrating Application Deployment to Services

Deploying applica ons to their appropriate services involves a strategic and coordinated process to
ensure a smooth transi on from development to produc on. Let's walk through the steps to push
applica ons to key services like web servers, API services, and database services:

144
Par cipant Handbook

Deploying to Web Servers:

· Package the Applica on:
o Bundle the applica on code, dependencies, and configura on files into a deployable
package.
o Common formats include container images (e.g., Docker) or compressed archives.
· Web Server Configura on:

o Ensure web server configura ons are in sync with the applica on requirements.

o Configure virtual hosts, server blocks, or any server-specific se ngs.

· Copy or Deploy:

o Use deployment scripts or tools to copy the packaged applica on to the web server.

o For containerized applica ons, deploy the container to the server.

· Restart Web Server:

o Restart the web server to apply changes and make the deployed applica on accessible.

Fig. 7.2.6 Automa on tools

145
 Application Developer-Web & Mobile

Deploying to API Services:

· API Service Compa bility:
o Verify that the deployed applica on is compa ble with the API service it interacts with.

o Ensure proper versioning and adherence to API specifica ons.

· Endpoint Configura on:
o Update endpoint configura ons in the applica on to align with the API service.

o Verify authen ca on creden als and authoriza on se ngs.

· Deployment Automa on:
o Use automa on tools to deploy the updated applica on to the API service.

o Ensure minimal down me by gradually transi oning traffic to the new version.

· Tes ng API Integra on:

o Conduct thorough tes ng of API interac ons to confirm proper func onality.

o Include tests for data integrity, request/response handling, and error scenarios.

Deploying to Database Services:

· Database Schema Updates:

o If the deployment involves database schema changes, ensure scripts for updates are in
place.
o Handle data migra ons and updates to maintain data integrity.
· Database Connec on Configura on:

o Update database connec on configura ons within the deployed applica on.
o Verify creden als, connec on strings, and any relevant database se ngs.
· Automated Deployments:

o U lize automated deployment tools or scripts for database changes.

o Schedule deployments during maintenance windows to minimize impact.
· Data Backup and Rollback Plan:

o Before deployment, back up cri cal data to prevent data loss in case of unforeseen issues.

o Have a rollback plan to revert to the previous state if needed.

Overall Best Prac ces:

· Environment-Specific Configura ons:

o Adapt configura ons for each service based on the target environment (development,
staging, produc on).

146
Par cipant Handbook

· Rolling Deployments:

o Implement rolling deployments to gradually introduce changes and reduce poten al

down me.
· Monitoring and Rollback:

o Set up monitoring for all services to detect anomalies post-deployment.

o Have a robust rollback plan in case issues are iden fied.

· Documenta on:

o Maintain comprehensive deployment documenta on outlining steps, configura ons, and

troubleshoo ng ps.
By following these steps and best prac ces, developers can ensure a reliable and controlled deployment
process, minimizing disrup ons and delivering a seamless experience for end-users.

7.2.5 Orientation on Standard Automation Tools: Chef

and Bamboo
Both Chef and Bamboo play crucial roles in modern DevOps prac ces, with Chef focusing on
infrastructure automa on and Bamboo specializing in con nuous integra on and deployment.
Depending on specific requirements, organiza ons may choose to use one or both tools in conjunc on
with their DevOps workflows.

Fig. 7.2.7 Best DevOps pla orms

147
 Application Developer-Web & Mobile

· Chef:
¨ Overview:

o Type: Configura on Management and Automa on Tool

o Purpose: Automates the configura on and management of infrastructure.

o Language: Wri en in Ruby; Uses a Ruby-based DSL for defining configura ons.

¨ Key Concepts:

o Recipes: Define how resources should be configured.

o Cookbooks: Collec ons of recipes, templates, and other resources.

o Nodes: Managed machines where Chef is installed.

o Chef Server: Centralized repository for cookbooks and configura ons.

¨ Workflow:

o Write Recipes: Develop recipes to specify how resources are configured.

o Create Cookbooks: Organize recipes, templates, and other files into cookbooks.
o Upload to Chef Server: Store cookbooks on the Chef Server for distribu on.
o Converge Nodes: Apply configura ons to nodes using the Chef client.

¨ Advantages:
o Flexibility: Supports various pla orms and cloud providers.
o Idempotent: Ensures that the system remains in the desired state, regardless of
the ini al state.

o Community and Marketplace: Access a vibrant community and a marketplace for

pre-built cookbooks.

· Bamboo:

¨ Overview:
o Type: Con nuous Integra on and Deployment Tool
o Purpose: Automates the build, test, and deployment processes.

o Developed by: Atlassian (known for Jira, Confluence).

¨ Key Features:
o Build Plans: Define how source code is compiled, tested, and packaged.

o Deployment Projects: Automate the deployment of applica ons to various

environments.
o Integra on with Atlassian Ecosystem: Seamless integra on with Jira, Bitbucket,
and other Atlassian products.

148
Par cipant Handbook

o Ar fact Sharing: Store and share build ar facts for traceability.

¨ Workflow:

o Configure Build Plans: Define the steps for building, tes ng, and packaging.

o Trigger Builds: Automa cally trigger builds on code commits or scheduled

intervals.

o Con nuous Deployment: Set up deployment projects for automated applica on

deployment.
o Integrate with Jira: Link Bamboo plans with Jira issues for enhanced visibility.
¨ Advantages:

o Ease of Use: User-friendly interface for configuring and managing build and
deployment processes.
o Scalability: Scales to accommodate growing development needs.

o Integra on: Seamless integra on with other Atlassian tools.

¨ Considera ons:
o Licensing: Bamboo may require licensing, depending on usage and team size.

o Atlassian Ecosystem: Works well within the Atlassian ecosystem; op mal for
teams already using Jira and Bitbucket.

Fig. 7.2.8 DevOps concepts

149
 Application Developer-Web & Mobile

7.2.6 Best Practices for Automating the CI/CD Pipeline

with Standard Automation Tools
Automa ng the Con nuous Integra on/Con nuous Delivery (CI/CD) pipeline streamlines the so ware
development lifecycle, enhancing efficiency, consistency, and reliability.
Here are best prac ces and methodologies for automa ng the CI/CD pipeline using standard automa on
tools such as Chef, Bamboo, etc.:
· Define Clear CI/CD Workflow:
o Clearly define the en re CI/CD workflow, from source code integra on to deployment.
o Break down the pipeline into stages (build, test, deploy) to maintain clarity.
· iInfrastructure as Code (IaC):
o Embrace Infrastructure as Code principles to define and manage infrastructure
configura ons.

o Use tools like Terraform or CloudForma on to provision and manage resources.

· Version Control Integra on:

o Integrate the CI/CD pipeline with version control systems (e.g., Git) to trigger builds on code
changes.
o U lize hooks and webhooks for seamless integra on.
· Automated Tes ng:
o Implement automated tes ng at each stage of the pipeline to catch issues early.
o Include unit tests, integra on tests, and end-to-end tests as part of the automa on.
· Ar fact Management:
o Use ar fact repositories to store and version ar facts generated during the build process.

o Ensure traceability and reproducibility of builds by managing dependencies.

· Configura on Management:

o Leverage configura on management tools like Chef, Ansible, or Puppet to automate server
configura on.
o Maintain consistency across different environments.
· Con nuous Deployment to Staging:
o Implement con nuous deployment to staging environments for valida on before
produc on.

o This ensures that only verified changes reach the produc on environment.
· Paralleliza on and Scalability:

o Design the CI/CD pipeline to execute tasks in parallel for faster results.

o Ensure scalability to handle increased workloads and parallel builds.

150
Par cipant Handbook

· Environment Variable Management:

o Manage environment-specific configura ons and secrets using secure and encrypted
environment variables.
o Ensure sensi ve informa on is protected.
· Monitoring and Logging:
o Integrate monitoring and logging tools to track the progress and performance of the CI/CD
pipeline.
o Use alerts to no fy stakeholders of any issues or failures.
· Con nuous Feedback:
o Provide con nuous feedback to developers through automated reports and no fica ons.
o Display test results, code quality metrics, and deployment status.
· Security Scanning:
o Integrate security scanning tools to iden fy vulnerabili es in dependencies and code.
o Automate security checks at every stage to ensure secure deployments.
· Rollback Mechanism:
o Implement a rollback mechanism in case of failed deployments.
o Ensure that the pipeline can quickly revert to a stable version.
· Documenta on:
o Maintain comprehensive documenta on for the CI/CD pipeline, including setup,
configura ons, and troubleshoo ng steps.
o Keep the documenta on up-to-date as the pipeline evolves.
· Collabora on and Knowledge Sharing:
o Foster collabora on between development, opera ons, and QA teams.
o Encourage knowledge sharing through code reviews, documenta on, and regular team
discussions.

Fig. 7.2.9 Implemen ng con nuous integra on and con nuous delivery (CI/CD) pipelines

By adhering to these best prac ces, development teams can establish a robust and efficient CI/CD
pipeline, automa ng repe ve tasks and facilita ng the rapid, reliable delivery of high-quality so ware.

151
 Application Developer-Web & Mobile

Exercise
Answer the following ques ons:

Short Ques ons:

1. What are the three main principles of modern so ware development related to integra on,
delivery, and deployment?
2. What is the primary purpose of version control in collabora ve development?
3. Name a standard opera on in version control for incorpora ng changes into the codebase.
4. Why is securing the source code repository crucial for so ware development teams?
5. What is the significance of code tagging and branching in collabora ve development
workflows?

Fill-in-the-Blanks:
1. Con nuous integra on, con nuous delivery, and con nuous deployment are principles that
aim to achieve ____________ so ware development.
A Seamless B Incremental
2. In version control, the process of combining code changes from different branches is known
as ____________.
A Merging B Tagging
3. To enhance the security of the source code repository, access controls, ____________, and
regular audits should be implemented.
A Encryp on B Compression
4. Applica on environment variables are used to manage the configura ons of ____________
environments.
A Development B Produc on
5. Automated tes ng using standard tools and scripts is an integral part of ensuring
____________ so ware.
A Robust B Sta c

True/False Ques ons:

1. Code tagging is primarily used for iden fying and marking specific points in the version history.
2. Con nuous integra on focuses on delivering changes to the produc on environment
immediately a er development.
3. The integra on of version control systems with project management tools promotes
collabora on between development and project teams.
4. Applica on tes ng should only be conducted manually to ensure thorough examina on of each
code change.
5. Con nuous integra on/con nuous delivery (CI/CD) pipelines aim to automate the en re
so ware development lifecycle, from code changes to deployment.

152
Par cipant Handbook

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/57dkyTmOCmE
CI/CD Pipeline

154
 Application Developer-Web & Mobile

155
8. Test Engineering

Unit 8.1 - Tes ng Fundamentals and Methodologies

Unit 8.2 - Advanced Tes ng Techniques and Tools

SSC/N8125
 Application Developer-Web & Mobile

Key Learning Outcomes

At the end of this module, you will be able to:
1. Assess how different business and technical requirements translate into products

2. Assess different types of tes ng and tes ng requirements such as unit, sub-system, system, etc.
3. Evaluate reusability of test scenarios, test cases, scripts and tools

4. Apply the different types of tes ng methodologies

5. Develop test cases for so ware components of the system

6. Develop test cases for hardware components of the system

7. Use tools such as Selenium to design automated test scripts

8. Develop simula ons for tes ng so ware and hardware systems

9. Assess the type of test data that should be created
10. Recommend modifica ons to the design of so ware and hardware system based on the test data

157
Par cipant Handbook

UNIT 8.1: Tes ng Fundamentals and Methodologies

Unit Objectives
At the end of this unit, you will be able to:
1. Assess how different business and technical requirements translate into products
2. Assess different types of tes ng and tes ng requirements such as unit, sub-system, system, etc.
3. Evaluate reusability of test scenarios, test cases, scripts and tools

4. Apply the different types of tes ng methodologies

5. Develop test cases for so ware components of the system

6. Develop test cases for hardware components of the system

8.1.1 Navigating Business and Technical Dimensions in

Application Development
Assessing how different business and technical requirements translate into products is a crucial aspect of
the so ware development life cycle, par cularly in the context of applica on development for web and
mobile pla orms. This process involves a systema c evalua on of the diverse needs and specifica ons
from both business and technical perspec ves to ensure the successful crea on of robust and user-
friendly applica ons.

Fig. 8.1.1 Process of App development

Understanding Business Requirements:

Business requirements form the founda on of any so ware development project. These are derived from
the goals, objec ves, and needs of the business or organiza on commissioning the applica on. In the
domain of web and mobile development, business requirements encompass a wide range of
considera ons:

158
 Application Developer-Web & Mobile

· Func onal Specifica ons: Define the specific func onali es the applica on must deliver. For
example, e-commerce applica ons may require features like product lis ngs, shopping carts, and
secure checkout processes.
· User Experience (UX): Focus on how end-users will interact with the applica on. This includes
considera ons for intui ve naviga on, responsive design, and accessibility to ensure a posi ve
user experience across various devices.
· Security Requirements: Iden fy and address security concerns, such as data encryp on,
authen ca on mechanisms, and protec on against common web vulnerabili es.

· Performance Expecta ons: Determine the expected performance metrics, including response
mes, scalability, and reliability under various loads.
Understanding Technical Requirements:

Technical requirements pertain to the technologies, frameworks, and infrastructural elements needed to
bring the applica on to life. In the realm of web and mobile applica on development, technical
considera ons include:
· Pla orm and Technology Stack: Choose the appropriate development pla orms, such as
Android, iOS, or web browsers, and the corresponding technology stack, including programming
languages, frameworks, and databases.
· Integra on Points: Iden fy third-party services, APIs, or databases that the applica on will
integrate with to enhance func onality.

· Scalability and Flexibility: Plan for the scalability of the applica on to accommodate future
growth and changes. This involves considera ons for databases, server architectures, and overall
system design.

· Compliance and Standards: Adhere to industry standards, coding prac ces, and legal
requirements to ensure compa bility and compliance with regula ons.
Transla on into Products:

Once both business and technical requirements are thoroughly understood, the transla on into products
involves the following steps:
· Planning: Develop a detailed project plan outlining tasks, milestones, and resource requirements
based on the iden fied requirements.

· Design: Create a comprehensive design that aligns with both business and technical
specifica ons. This includes user interface (UI) design, database schema, and system architecture.
· Development: Implement the designed solu ons using the chosen technologies, ensuring that
the codebase meets both func onal and technical expecta ons.

· Tes ng: Conduct rigorous tes ng to validate that the developed product fulfills all iden fied
requirements. This includes func onal tes ng, performance tes ng, security tes ng, and user
acceptance tes ng.

159
Par cipant Handbook

· Deployment: Roll out the finalized product to the target environment, whether it be web servers,
app stores, or other distribu on channels.

By me culously assessing and aligning business and technical requirements throughout these stages,
developers can ensure the successful transla on of these requirements into high-quality web and mobile
applica ons. This approach contributes to the overall success and user sa sfac on of the deployed
products.

8.1.2 Assessing Different Types of Testing and Testing

Requirements in Application Development
Tes ng is a cri cal phase in the so ware development lifecycle that ensures the reliability, func onality,
and performance of applica ons. It involves a systema c evalua on of various components and aspects
of the so ware to iden fy and rec fy defects. In the context of applica on development for web and
mobile pla orms, understanding different types of tes ng and their corresponding requirements is
essen al for delivering high-quality, robust solu ons.

Fig. 8.1.2 So ware tes ng

· Unit Tes ng:

Unit tes ng focuses on evalua ng individual units or components of the applica on in isola on.

Requirements:
· Test each func on or method independently.

160
 Application Developer-Web & Mobile

· Verify that each unit performs its intended func onality.

· Ensure proper handling of edge cases and error scenarios.
· Integra on Tes ng:

Integra on tes ng assesses the interac ons between different units or components to ensure
they work together seamlessly.

Requirements:

· Test data flow and communica on between integrated components.

· Validate proper integra on of various modules.
· Iden fy and address any interface issues.

· System Tes ng:

System tes ng evaluates the complete and integrated applica on as a whole.
Requirements:

· Verify that the en re system meets specified requirements.

· Test system func onality in real-world scenarios.
· Assess system performance under varying condi ons.

· Acceptance Tes ng:

Acceptance tes ng determines if the applica on meets user and business requirements.
Requirements:

· Involve end-users to validate the applica on's alignment with their needs.

· Ensure compliance with business requirements.

· Confirm that the applica on is ready for deployment.

· Performance Tes ng:

Performance tes ng assesses the applica on's responsiveness, speed, and scalability.
Requirements:

· Evaluate response mes under normal and peak loads.

· Iden fy and address bo lenecks affec ng performance.

· Ensure the applica on can handle an cipated user traffic.
· Security Tes ng:

Security tes ng iden fies vulnerabili es and weaknesses in the applica on's security measures.

161
Par cipant Handbook

Requirements:
· Test for poten al security threats, such as SQL injec on or cross-site scrip ng.
· Ensure data encryp on and secure communica on.

· Verify the implementa on of access controls.

· Usability Tes ng:

Usability tes ng evaluates the applica on's user interface and overall user experience.

Requirements:

· Assess the clarity and intui veness of the user interface.

· Iden fy areas for improvement in user interac on.

· Ensure accessibility for users with diverse needs.

· Regression Tes ng:

Regression tes ng ensures that new changes or features do not nega vely impact exis ng
func onality.
Requirements:

· Test previously validated features a er each code change.

· Detect and rec fy any unintended side effects.
· Verify the con nued reliability of the applica on.

By understanding and applying these tes ng types and their respec ve requirements, developers can
systema cally evaluate and enhance the quality of web and mobile applica ons throughout the
development process. Each tes ng type serves a specific purpose, contribu ng to the overall success of
the so ware.

8.1.3 Evaluating Reusability in Test Engineering: A

Strategic Approach
Reusability is a cornerstone in the realm of test engineering, fostering efficiency, consistency, and
scalability in the tes ng process. The ability to leverage and repurpose test scenarios, test cases, scripts,
and tools not only accelerates development cycles but also contributes to maintaining a robust and
reliable tes ng framework.

162
 Application Developer-Web & Mobile

Fig. 8.1.3 Reusability in test engineering

Let's delve into the key aspects of evalua ng reusability in the context of web and mobile applica on
development.
Test Scenarios:

Test scenarios represent a set of condi ons or variables that help determine the tes ng objec ves.

Evalua on Criteria:
Flexibility: Assess whether test scenarios are adaptable to various situa ons and requirements.

Modularity: Gauge the degree to which test scenarios can be broken down into reusable components.

Parameteriza on: Verify the ease of adjus ng inputs for different test condi ons.
Test Cases:
Test cases are specific condi ons or variables under which a tester will determine whether an applica on
feature works as intended.
Evalua on Criteria:
Independence: Evaluate if test cases can func on independently or require specific dependencies.

Coverage: Assess the breadth of applica on features covered by each test case.
Maintainability: Check the ease of upda ng or modifying test cases when needed.

Test Scripts:

Test scripts are automated sequences of ac ons that simulate user interac ons with the applica on.
Evalua on Criteria:

163
Par cipant Handbook

Modularity: Examine the degree to which test scripts can be segmented and reused across different
scenarios.

Parameteriza on: Ensure the adaptability of test scripts to varying inputs and condi ons.

Scalability: Assess how easily test scripts can be scaled to accommodate growing test suites.
Tes ng Tools:
Tes ng tools encompass both manual and automated tools used to execute test scenarios, test cases, and
scripts.
Evalua on Criteria:
Compa bility: Verify the compa bility of tes ng tools with diverse applica on architectures and
technologies.

Integra on: Assess the ease of integra ng tes ng tools with other components of the development
ecosystem.
Versa lity: Evaluate the tool's applicability across various tes ng types and scenarios.

Benefits of Reusability:
Efficiency: Reusable components reduce redundancy, saving me and effort in crea ng new tests.
Consistency: Standardized test scenarios and cases contribute to consistent tes ng prac ces.

Scalability: Reusable elements facilitate the scaling of test suites to accommodate evolving project
requirements.
Maintenance: Updates or changes can be applied uniformly across reused components, easing
maintenance efforts.

Fig. 8.1.4 Differences between mobile app and website development

164
 Application Developer-Web & Mobile

In conclusion, the evalua on of reusability in test engineering is pivotal for crea ng a robust, scalable, and
efficient tes ng framework. By strategically assessing and implemen ng reusable test components,
developers can streamline the tes ng process and contribute to the overall success of web and mobile
applica on development.

8.1.4 Applying Testing Methodologies: A Comprehensive

Guide
In the dynamic landscape of so ware development, tes ng methodologies play a pivotal role in ensuring
the reliability, func onality, and quality of web and mobile applica ons. Tes ng methodologies
encompass a range of systema c approaches that help developers iden fy and address poten al issues
throughout the development lifecycle. Let's explore the applica on of different tes ng methodologies in
the context of applica on development.
· Manual Tes ng:

Manual tes ng involves human testers execu ng test cases without the use of automa on tools.

Applica on:
· Exploratory Tes ng: Testers explore the applica on to iden fy defects, relying on their
intui on and experience.

· Usability Tes ng: Assessing the user-friendliness and overall user experience of the
applica on.
· Ad-hoc Tes ng: Unplanned tes ng to iden fy issues that may not be covered in formal
test cases.

· Automated Tes ng:

Automated tes ng involves using specialized tools to execute pre-scripted tests on so ware
applica ons.

Applica on:
· Regression Tes ng: Automa ng repe ve test cases to ensure that new code changes
do not adversely affect exis ng func onality.

· Performance Tes ng: Simula ng user interac ons under different load condi ons to
assess system performance.
· Integra on Tes ng: Automa ng tests to verify the interac on between integrated
components.

· Black Box Tes ng:

165
Par cipant Handbook

Black box tes ng focuses on assessing the func onality of an applica on without knowledge of its
internal code.

Fig. 8.1.5 Black box tes ng

Applica on:

· Func onal Tes ng: Evalua ng the applica on's func ons against specified
requirements.
· Acceptance Tes ng: Verifying that the applica on meets user acceptance criteria
without knowledge of its internal structure.

· System Tes ng: Assessing the en re system as a whole to ensure all components work
together seamlessly.
· White Box Tes ng:

White box tes ng involves tes ng an applica on with knowledge of its internal code and
structure.
Applica on:

· Unit Tes ng: Verifying the func onality of individual units or components of the
applica on.
· Code Review: Examining the source code for poten al vulnerabili es, bugs, or code
quality issues.

· Path Tes ng: Evalua ng specific paths or flows within the applica on to iden fy
poten al issues.

167
 Application Developer-Web & Mobile

· v.Agile Tes ng:

Agile tes ng integrates tes ng ac vi es within the Agile development process, emphasizing
collabora on and adaptability.
Applica on:
· Con nuous Tes ng: Ensuring tes ng ac vi es are seamlessly integrated into the
itera ve Agile development cycles.
· User Story Tes ng: Verifying that each user story meets the acceptance criteria defined
by stakeholders.

· Test-Driven Development (TDD): Wri ng tests before wri ng the code to drive the
development process.
· Performance Tes ng:

Performance tes ng assesses the responsiveness, speed, and overall performance of an

applica on.
Applica on:
· Load Tes ng: Evalua ng the applica on's performance under expected load
condi ons.

· Stress Tes ng: Assessing the applica on's stability under extreme condi ons to iden fy
breaking points.

· Scalability Tes ng: Verifying the applica on's ability to scale with increasing user loads.

· Security Tes ng:

Security tes ng iden fies vulnerabili es, weaknesses, and poten al threats in an applica on.
Applica on:

· Penetra on Tes ng: Simula ng cyber-a acks to iden fy and fix security vulnerabili es.
· Authen ca on Tes ng: Verifying the robustness of authen ca on mechanisms to
prevent unauthorized access.

· Data Encryp on Tes ng: Assessing the effec veness of data encryp on measures to
protect sensi ve informa on.
· User Acceptance Tes ng (UAT):

UAT involves end-users evalua ng the applica on to ensure it meets their requirements and
expecta ons.
Applica on:
· Alpha Tes ng: Conduc ng UAT within the development environment.

· Beta Tes ng: Releasing the applica on to a select group of external users for real-world

168
Par cipant Handbook

tes ng.
· Usability Tes ng: Assessing the applica on's ease of use and overall user experience.

Benefits of Applying Different Tes ng Methodologies:

· Early Issue Iden fica on: Varied tes ng methodologies enable the iden fica on of issues at
different stages of development.
· Comprehensive Coverage: A combina on of tes ng approaches ensures comprehensive
coverage of various aspects of an applica on.
· Adaptability: Different methodologies cater to the diverse needs and requirements of specific
projects.

· Op mized Resource U liza on: Leveraging the right tes ng approach at the right stage op mizes
resource u liza on.

Fig. 8.1.6 Tes ng methodologies

In conclusion, the applica on of different tes ng methodologies is instrumental in ensuring the reliability,
security, and performance of web and mobile applica ons. A strategic and well-balanced approach to
tes ng contributes to the overall success of the development process, fostering high-quality so ware
solu ons.

8.1.5 About Test Cases

Test cases are detailed sets of condi ons, steps, and inputs that are me culously designed and executed
to evaluate the func onality, performance, and features of a so ware applica on or system. They serve
as a structured framework for assessing whether the so ware behaves as intended under various
scenarios. Let's delve into the fundamental aspects of test cases:

Components of a Test Case:

· Test Case ID:

¨ Defini on: A unique iden fier assigned to each test case.

169
 Application Developer-Web & Mobile

¨ Example: TC_Login_001 (for the first login test case).

· Descrip on:

¨ Defini on: A brief but comprehensive overview of the test case's purpose.
¨ Example: Verify the user authen ca on process.
· Test Steps:

¨ Defini on: Detailed instruc ons outlining the sequence of ac ons to be performed during the test.

¨ Example:
üEnter valid username and password.
üClick the "Login" bu on.
· Expected Results:
¨ Defini on: The an cipated outcome or behavior of the so ware a er execu ng the test steps.

¨ Example: Successful login, redirec ng to the user dashboard.

· Actual Results:
¨ Defini on: The observed outcomes during the test execu on.

¨ Example: If the login is successful, the actual result aligns with the expected result.
· Precondi ons:
¨ Defini on: The specific condi ons that must be met before execu ng the test case.

¨ Example: User account exists, and the system is accessible.

· Post-condi ons:
¨ Defini on: The an cipated state of the system a er the test case execu on.
¨ Example: The user remains logged in and can access account features.

Purpose of Test Cases:

· Verifica on: Confirm that the so ware adheres to specified requirements and behaves as
intended.

· Valida on: Ensure that the so ware meets user expecta ons and func ons flawlessly in its
intended environment.
· Error Detec on: Iden fy and rec fy defects or anomalies in the so ware's behavior.

· Documenta on: Serve as comprehensive documenta on for quality assurance, providing a clear
record of tested func onali es.
Types of Test Cases:

· Posi ve Test Cases:

o Focus: Verify that the system behaves correctly under normal condi ons.

170
Par cipant Handbook

o Example: Successful login, accurate calcula on of a mathema cal func on.

· Nega ve Test Cases:

o Focus: Assess how the system handles erroneous or unexpected inputs.

o Example: Login failure with incorrect creden als, error message display.
· Boundary Test Cases:

o Focus: Evaluate the system's response at the limits or boundaries of acceptable inputs.

o Example: Tes ng a calculator's upper and lower limits for arithme c opera ons.
· Integ on Test Cases:

o Focus: Validate the interac ons between integrated components.

o Example: Tes ng the interac on between a web applica on and a database.

Benefits of Well-Structured Test Cases:

· Thorough Coverage: Address various scenarios to ensure comprehensive tes ng.

· Reproducibility: Enable consistent and repeatable tes ng procedures.

· Efficient Debugging: Facilitate the iden fica on and resolu on of defects.
· Documenta on: Serve as a valuable reference for tes ng processes and outcomes.

In essence, test cases act as a systema c approach to validate the integrity, func onality, and quality of
so ware applica ons, contribu ng significantly to the overall so ware tes ng and quality assurance
process.

8.1.6 Developing Effective Test Cases for Software

Components
Tes ng so ware components is an integral part of ensuring the func onality, reliability, and quality of a
system.

Fig. 8.1.7 How to write test cases for so ware

171
 Application Developer-Web & Mobile

Let's explore the process of developing comprehensive test cases for so ware components, along with
examples and demonstra ons:

· Understanding So ware Requirements:

o Objec ve: Gain a clear understanding of the so ware specifica ons and requirements.

o Example: If the so ware component involves user authen ca on, understand the
requirements related to password complexity, account lockout policies, etc.
· Iden fying Test Scenarios:

o Objec ve: Enumerate various scenarios to assess the so ware component's func onality.

o Example: For an e-commerce pla orm, test scenarios may include adding items to the cart,
upda ng quan es, and comple ng the checkout process.
· Defining Test Inputs:
o Objec ve: Specify the input parameters and condi ons required for tes ng the so ware
component.

o Example: If tes ng a search feature, define the search queries to be used as input.
· Crea ng Test Steps:
o Objec ve: Develop step-by-step ac ons to execute the test case.

o Example: Test steps for a login func onality may include entering valid creden als, clicking
the login bu on, and verifying successful login.

· Ensuring Independence of Test Cases:

o Objec ve: Develop test cases that can be executed independently.

o Example: A test case for product lis ng should not rely on the successful execu on of a
separate checkout test case.

· Priori zing Test Cases:

o Objec ve: Priori ze based on the cri cality and impact of the so ware component.
o Example: Test high-impact features or cri cal func onali es first, such as payment
processing in a financial applica on.

· Verifying Traceability:

o Objec ve: Ensure each test case aligns with specific requirements.
o Example: Verify that the test case for user registra on corresponds to the documented
registra on requirements.

· Considering Nega ve Tes ng:

o Objec ve: Include test cases to assess how the so ware component handles unexpected
condi ons.

172
Par cipant Handbook

o Example: Test what happens when invalid data is entered into a form, and ensure the
system responds appropriately.
· Implemen ng Data-Driven Tes ng:
o Objec ve: U lize various input data sets to enhance test coverage.
o Example: Test a messaging feature with different message lengths, special characters, and
a achments.
· Incorpora ng Boundary Tes ng:
o Objec ve: Assess how the so ware component performs at its opera onal limits.
o Example: Test how a file upload feature handles very large or very small file sizes.
· Reviewing and Valida ng Test Cases:
o Objec ve: Conduct thorough reviews to validate the clarity, accuracy, and completeness of
test cases.
o Example: Peer reviews help iden fy poten al improvements and ensure that test cases are
comprehensive.
· Documen ng Test Case Ar facts:
o Objec ve: Maintain clear and concise documenta on for each test case.
o Example: Document the test case ID, descrip on, steps, expected results, and actual results
in a centralized repository.
Benefits of Effec ve So ware Test Case Development:
· Enhanced So ware Quality: Well-developed test cases contribute to the iden fica on and
resolu on of so ware issues.
· Improved User Experience: Rigorous tes ng ensures that so ware components func on
seamlessly, providing a posi ve user experience.
· Robust Fault Detec on: Comprehensive tes ng reveals how so ware components handle
unexpected condi ons, improving fault detec on.
· Facilitated Troubleshoo ng: Clear documenta on aids in the efficient iden fica on and
resolu on of so ware-related problems.

Fig. 8.1.8 Types of mobile app tes ng

By following these key ac vi es and examples, tes ng teams can develop a robust suite of test cases that
assess the func onality and reliability of so ware components within a system. This approach
contributes to the overall quality assurance process and ensures the delivery of high-quality so ware
solu ons.

173
 Application Developer-Web & Mobile

8.1.7 Developing Effective Test Cases for Hardware

Components
Tes ng hardware components is a cri cal aspect of ensuring the reliability, performance, and
compa bility of a system. Here's a structured approach to developing effec ve test cases for hardware
components:
Developing Test Cases for Hardware Components:
· Test Case Iden fica on:

o Example: TC_Hardware_001
o Explana on: A unique iden fier for the first hardware test case, facilita ng traceability and
organiza on.

· Descrip on:

o Example: Verify the func onality of the graphic processing unit (GPU).
o Explana on: The descrip on ar culates the specific objec ve of the test case, focusing on
the GPU's func onality.

· Test Steps:
o Example:
üPower on the hardware system.
üLaunch a graphics-intensive applica on.
üMonitor GPU temperature and fan speed.
o Explana on: The test steps provide a step-by-step guide for execu ng the hardware test,
ensuring comprehensive coverage.

· Expected Results:
o Example: The GPU effec vely processes graphics without overhea ng, and fan speed
adjusts based on workload.

o Explana on: Expected results set criteria for determining the success or failure of the
hardware test, aligning with desired outcomes.
· Actual Results:

o Example: If the GPU operates within specified parameters, the actual result aligns with
expecta ons.
o Explana on: During execu on, the tester records observed outcomes, allowing for a direct
comparison with expected results.

· Precondi ons:
o Example: Adequate power supply and correct hardware connec ons.
o Explana on: Precondi ons establish necessary condi ons for execu ng the hardware test,
ensuring a controlled tes ng environment.

174
Par cipant Handbook

· Post-condi ons:
o Example: Hardware components remain opera onal, and system stability is maintained.

o Explana on: Post-condi ons outline the an cipated state of the system a er hardware
test execu on, providing insights into expected outcomes.

Fig. 8.1.9 How to write test cases in so ware tes ng

Types of Test Cases for Hardware Components:

· Func onal Test Cases:

o Example: Validate the func onality of a USB port by connec ng and detec ng external
devices.
o Explana on: Func onal test cases assess if hardware components perform their intended
func ons correctly.

· Performance Test Cases:

o Example: Test the processing speed of the central processing unit (CPU) under maximum
load.

o Explana on: Performance test cases evaluate hardware capabili es under various
condi ons.
· Compa bility Test Cases:

o Example: Ensure compa bility between a printer and the computer's USB port.

o Explana on: Compa bility test cases assess the harmonious interac on between
hardware components.
Benefits of Well-Structured Hardware Test Cases:

· Reliability: Well-defined test cases enhance the reliability of hardware tes ng processes, reducing
the likelihood of oversights.
· Predictability: Structured test cases provide a predictable framework for execu ng hardware

175
 Application Developer-Web & Mobile

tests, contribu ng to consistent results.

· Quality Assurance: Hardware test cases contribute to quality assurance efforts, ensuring the
robustness and dependability of hardware components.

· Troubleshoo ng: Clear test cases aid in iden fying and troubleshoo ng hardware issues,
facilita ng effec ve debugging.
· Documenta on: Structured test cases serve as essen al documenta on, fostering knowledge
transfer and future reference.

Fig. 8.1.10 Hardware tes ng

Developing comprehensive and well-structured test cases for hardware components is integral to the
overall quality assurance process. These test cases contribute to ensuring the func onality, performance,
and reliability of hardware systems, fostering confidence in their deployment within diverse applica ons
and environments.

176
Par cipant Handbook

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/6rNgPXz9A9s
So ware Tes ng Techniques

177
 Application Developer-Web & Mobile

UNIT 8.2: Advanced Tes ng Techniques and Tools

Unit Objectives
At the end of this unit, you will be able to:
1. Use tools such as Selenium to design automated test scripts
2. Develop simula ons for tes ng so ware and hardware systems
3. Assess the type of test data that should be created

4. Recommend modifica ons to the design of so ware and hardware system based on the test data

8.2.1 Introduction to Automated Test Script Design with

Selenium
In the realm of web and mobile applica on tes ng, Selenium stands out as a powerful and widely-used
automa on framework. From the basics of Selenium setup to advanced scrip ng techniques, we will
navigate through the key aspects, demonstra ng how Selenium facilitates the crea on of robust and
efficient automated tests. This knowledge is essen al for developers and testers seeking to ensure the
quality and reliability of their applica ons in a dynamic and fast-paced development environment.

Fig. 8.2.1 Test automa on es ma on when using selenium es ma on tools

178
Par cipant Handbook

Automated Test Script Design with Selenium:

· Introduc on to Selenium:
o Overview: Selenium is a widely-used open-source automa on tes ng framework for web
applica ons.

o Significance: It facilitates the crea on of automated test scripts to verify the func onality of
web elements and ensure applica on reliability.
· Se ng Up Selenium:

o Installa on: Install Selenium WebDriver and necessary dependencies.

o Configura on: Configure the Selenium environment for the specific development and
tes ng environment.

· Script Design Basics:

o Language Support: Selenium supports various programming languages like Java, Python,
C#, etc.
o Script Structure: Organize scripts into modular func ons for be er maintainability.

· Locators and Web Elements:

o Iden fica on: Use locators (ID, Name, XPath, CSS selectors, etc.) to iden fy and interact
with web elements.

o Examples:

üdriver.findElement(By.id("elementID")).click();
driver.findElement(By.xpath("//input[@name='username']")).sendK eys("exam
pleUser");

· Interac ons and Asser ons:

o User Interac ons: Simulate user ac ons like clicks, typing, and dropdown selec ons.
o Asser ons: Verify expected outcomes with asser ons to confirm the applica on's
correctness.
o Examples:
üassertTrue(driver.getTitle().contains("Expected Title"));

üassertEquals("Expected Text",
driver.findElement(By.xpath("//div[@class='example']")).getText());
· Handling Dynamic Content:

o Wait Strategies: Implement explicit or implicit waits to handle dynamic content loading.

o Examples:
üWebDriverWait wait = new WebDriverWait(driver, 10);

179
 Application Developer-Web & Mobile

wait.un l(ExpectedCondi ons.visibilityOfElementLocated(By.id("dynamicElem

ent")));
· Data-Driven Tes ng:
o Parameteriza on: Enhance test coverage by parameterizing test data.

o Examples:
üString username = "testUser";
üString password = "testPassword";

· Integra ng with TestNG or JUnit:

o Test Execu on: Integrate Selenium scripts with tes ng frameworks like TestNG or JUnit.
o Annota ons: U lize annota ons for setup, teardown, and test execu on control.

o Examples:

ü@BeforeMethod, @A erMethod, @Test

· Repor ng and Logging:

o Repor ng Tools: Integrate repor ng tools (e.g., Extent Reports) for detailed test execu on
reports.
o Logging: Use logging mechanisms to capture run me informa on for debugging.

o Examples:

ülogger.info("Test Passed");
üextentReport.createTest("Test Case 001").pass("Test Passed");

Fig. 8.2.2 Guidelines to design an automa on tes ng framework

180
Par cipant Handbook

Benefits of Selenium for Automated Tes ng:

· Cross-Browser Compa bility: Selenium supports tes ng across various browsers, ensuring
applica on compa bility.

· Reusable Test Scripts: Selenium enables the crea on of modular and reusable test scripts,
enhancing efficiency.
· Parallel Execu on: Selenium facilitates parallel test execu on, reducing overall test suite run me.
· Integra on Capability: It integrates seamlessly with tes ng frameworks and tools, enhancing test
management.
Selenium stands as a robust and versa le tool for automa ng web applica on tes ng, offering a range of
features to streamline the test engineering process. Through effec ve script design and integra on with
tes ng frameworks, Selenium empowers developers and testers to achieve comprehensive and reliable
automated tes ng within the web and mobile applica on development landscape.

8.2.2 Simulating Scenarios for Comprehensive Software

and Hardware Testing
Simula ons serve as indispensable tools for replica ng real-world scenarios, allowing thorough
evalua on and valida on of system components.
Key Components of Simula on Development:

· Scenario Iden fica on: Begin by iden fying cri cal scenarios that mimic real-world usage or
stress condi ons.
· Model Crea on: Develop accurate models for so ware and hardware interac ons, ensuring
simula ons mirror actual system behavior.

· Variable Manipula on: Introduce variables to simulate diverse condi ons, enabling
comprehensive tes ng coverage.
· Boundary Tes ng: Assess system resilience by pushing simula on boundaries and evalua ng
system responses.

· Error Scenarios: Incorporate simulated errors to gauge system robustness and error-handling
capabili es.

181
 Application Developer-Web & Mobile

Fig. 8.2.3 An overview of the so ware tes ng procedure

Benefits of Simula on in Tes ng:
· Risk Mi ga on: Simula ons help iden fy poten al issues and weaknesses before actual
deployment.
· Comprehensive Tes ng: Test various scenarios that might be challenging to replicate in a live
environment.
· Cost-Efficiency: Simulated tes ng minimizes the need for extensive real-world tes ng, reducing
costs and me.
Simula on Tools and Techniques:

U lize specialized simula on tools tailored for so ware and hardware tes ng, ensuring accurate
representa on and reliable results.
By mastering the art of simula on development, developers and testers enhance their ability to
ensure so ware and hardware systems meet the highest standards of performance, reliability, and
adaptability.

8.2.3 Strategic Assessment of Test Data Creation

Effec ve tes ng relies on me culously cra ed test data that encapsulates diverse scenarios, ensuring
comprehensive coverage and robust valida on.

Fig. 8.2.4 Test data management process

182
Par cipant Handbook

Key Considera ons for Test Data Assessment:

· Scenario Relevance: Evaluate the relevance of test data to real-world scenarios, aligning with
business and technical requirements.

· Data Variability: Assess the variability of test data to cover a spectrum of inputs, ensuring the
system's adaptability.

· Edge Cases: Include edge cases and extreme scenarios in test data to uncover poten al
vulnerabili es and validate system resilience.
· Data Size and Volume: Consider the size and volume of test data to simulate realis c usage
condi ons and evaluate system performance.

· Data Privacy and Sensi vity: Evaluate the sensi vity of test data, ensuring compliance with data
privacy regula ons and safeguarding sensi ve informa on.
· Data Rela onships: Reflect real-world data rela onships within the test data, addressing
dependencies and interac ons between data elements.

Benefits of Though ul Test Data Crea on:

· Comprehensive Tes ng Coverage: Well-designed test data ensures that all aspects of the system
are thoroughly tested, leaving no room for oversight.

· Accurate Simula on: Realis c test data enhances the accuracy of simula ons, providing insights
into how the system performs under various condi ons.
· Effec ve Issue Detec on: Though ully created test data facilitates the detec on of poten al
issues, contribu ng to proac ve issue resolu on.

Tools and Techniques:

Leverage test data genera on tools and techniques that align with the tes ng requirements, streamlining
the process and enhancing efficiency.

By adop ng a strategic approach to assess and create test data, developers and testers contribute
significantly to the robustness and reliability of the so ware and hardware systems under evalua on.

8.2.4 Test Data-Driven Design Recommendations

The insights derived from test data play a pivotal role in refining the design of both so ware and hardware
systems. Here, we explore how these recommenda ons emerge organically from the test data analysis.

Fig. 8.2.5 Data driven tes ng

183
 Application Developer-Web & Mobile

Analyzing Test Data for Design Insights:

· Iden fying Weaknesses: Through comprehensive test data evalua on, pinpoint weaknesses,
bo lenecks, or vulnerabili es within the exis ng system design.

· Performance Metrics: Assess system performance metrics under varying test data scenarios to
uncover areas for improvement in responsiveness and efficiency.

· Error Handling: Evaluate how the system handles diverse test data, emphasizing error scenarios.
Iden fy areas for enhanced error detec on, logging, and graceful recovery.

· Scalability Assessment: Use test data to simulate scenarios of increased load or scale. Assess how
the system copes with scalability challenges and iden fy poten al scaling improvements.

Recommenda ons for So ware System Modifica ons:

· Algorithmic Enhancements: Modify algorithms based on the analysis of test data to improve
computa onal efficiency, response mes, or data processing.

· User Interface Refinements: Test data insights can guide user interface enhancements, ensuring
intui ve interac ons and addressing user experience concerns.

· Data Handling Op miza ons: Op mize data storage, retrieval, and processing based on the
pa erns observed during test data evalua ons.

Recommenda ons for Hardware System Modifica ons:

· Resource Alloca on: Test data can guide adjustments in resource alloca on, op mizing the
alloca on of CPU, memory, or other hardware resources.

· Hardware Compa bility: Iden fy and address compa bility issues with different hardware
configura ons, ensuring seamless performance across diverse setups.

· iii.Integra on Improvements: Use test data insights to refine the integra on points between
so ware and hardware components, enhancing overall system cohesion.

Itera ve Design Refinement:

The itera ve nature of test data-driven design recommenda ons fosters con nuous improvement.
Regularly reassess and refine the system design based on ongoing test data analyses, aligning the system
with evolving requirements and user expecta ons.

By incorpora ng recommenda ons from test data analyses, developers contribute to the evolu on of
robust and adaptable so ware and hardware systems, ensuring they align closely with user needs and
industry standards.

184
Par cipant Handbook

Fig. 8.2.6 Data-driven tes ng - validate the accuracy of data

8.2.5 Creating Documentation on Tests or Simulations

Documenta on on tests or simula ons is essen al for web and mobile applica on development. It
provides clarity and guidance for developers, testers, and stakeholders. Here's a concise breakdown:
· Test Plan Overview:

o Outline objec ves, scope, and tes ng methodology.

o Specify types of tests to be conducted.
· Test Cases:

o Detail individual tests with inputs, expected outputs, and steps to reproduce.

o Specify precondi ons and post-condi ons.

· Test Environment Setup:

o Describe hardware, so ware, and network configura ons.

o Provide setup instruc ons.

· Test Execu on Procedures:

o Define test execu on procedures and responsible par es.

o Specify how results will be documented and reported.

185
 Application Developer-Web & Mobile

· Test Data and Resources:

o Iden fy test data and resources needed.

o Ensure representa on of real-world scenarios.

· Regression Tes ng Strategy:
o Outline regression tes ng strategy and frequency.

o Specify areas to be retested.

· Performance and Load Tes ng:

o Document performance tes ng procedures and tools used.

o Define load tes ng scenarios.

· Security Tes ng:

o Detail security tes ng procedures and tools.

o Specify vulnerability mi ga on strategies.

· User Acceptance Tes ng (UAT):

o Describe UAT procedures and acceptance criteria.
o Specify feedback collec on process.

· Documenta on Maintenance:
o Establish procedures for maintaining and upda ng documenta on.
o Ensure accuracy and relevance over me.

8.2.6 Validating Test Components

Valida ng test plans, cases, and automated scripts is vital for effec ve web and mobile applica on tes ng.
Here's a brief guide on how to do it with the right people:

· Iden fy Stakeholders:
o Determine key stakeholders, including developers, testers, and project managers.
· Review and Validate:

o Present test plans, cases, and scripts for stakeholder review and feedback.

o Ensure alignment with project requirements and objec ves.

· Incorporate Feedback:

o Solicit and address feedback to improve test comprehensiveness and relevance.

o Document any modifica ons made based on feedback.

186
Par cipant Handbook

· Ensure Alignment:
o Verify that test components align with project requirements and acceptance criteria.
o Confirm effec ve risk mi ga on and business objec ve coverage.

· Itera ve Process:
o Implement an itera ve valida on process to incorporate ongoing feedback and
improvements.

o Maintain clear communica on channels and collabora on throughout.

· Final Approval:
o Obtain final approval from stakeholders once valida on is complete.

Ensure consensus and confidence in the tes ng approach before execu on.

187
 Application Developer-Web & Mobile

Exercise
Answer the following ques ons:

Short Ques ons:

1. What is the significance of assessing how different business and technical requirements translate
into products in the context of test engineering?
2. Name one type of tes ng requirement commonly used in so ware tes ng that assesses
individual components or func ons.
3. Why is the reusability of test scenarios, test cases, scripts, and tools crucial for efficient tes ng
prac ces?
4. Provide an example of a tes ng methodology and briefly explain its applica on in so ware
development.
5. Why is the development of test cases essen al for ensuring the reliability and func onality of
so ware components?success?
Fill-in-the-Blanks:

1. To design automated test scripts, testers o en use tools such as __________.

a) Java
b) Selenium
2. Evalua ng the reusability of test assets contributes to __________ tes ng prac ces.
a) efficient
b) isolated
3. System tes ng evaluates the func onality of the __________ system.
a) individual
b) en re
4. Developing simula ons for tes ng so ware & hardware systems helps in assessing their ___.
a) performance
b) documenta on
5. When crea ng test data, it's crucial to consider various __________ scenarios.
a) error
b) tes ng

True/False Ques ons:

1. Assessing how different business and technical requirements translate into products is primarily
a concern for developers, not testers.)

2. Assessing how different business and technical requirements translate into products is primarily
a concern for developers, not testers.evelopment needs does not involve addressing changes in
requirements. (True/False)

3. Reusability of test scenarios, test cases, scripts, and tools is more relevant for one- me tes ng
efforts than for repeated tes ng cycles.
4. Selenium is a hardware tes ng tool widely used for assessing the func onality of physical
components.

5. Recommending modifica ons to the design of so ware and hardware systems based on test data
is a one- me ac vity rather than an itera ve process.

188
Par cipant Handbook

Notes

189
 Application Developer-Web & Mobile

190
9. Bugs Fixing and
Performance
Improvement

Unit 9.1 - Bugs Fixing and Performance Improvement

SSC/N8418
 Application Developer-Web & Mobile

Key Learning Outcomes

At the end of this module, you will be able to:
1. Explain how to iden fy and record so ware bugs

2. Explain different types of bugs (such as unexpected, null, bad input etc.)
3. Demonstrate best prac ces for logging bugs in a case tracking system

4. Demonstrate how to iden fy user behavior prior to bug iden fica on

5. Demonstrate how to analyze and isolate por on of source code where the bug occurs
6. Demonstrate how build unit test cases to iden fy and isolate so ware bugs

7. Discuss how to con nuously iterate and develop so ware code free of any bugs

8. Log all ac vi es of the applica on

9. Analyze abnormal system behavior using applica on log.

192
Par cipant Handbook

Unit 9.1 Bugs Fixing and Performance Improvement

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how to iden fy and record so ware bugs
2. Explain different types of bugs (such as unexpected null, bad input etc.)
3. Demonstrate best prac ces for logging bugs in a case tracking system

4. Demonstrate how to iden fy user behavior prior to bug iden fica on

5. Demonstrate how to analyze and isolate por on of source code where the bug occurs
6. Demonstrate how build unit test cases to iden fy and isolate so ware bugs

7. Discuss how to con nuously iterate and develop so ware code free of any bugs

8. Log all ac vi es of the applica on

9. Analyze abnormal system behavior using applica on log.

9.1.1 Software Bug

A so ware bug refers to a flaw, error, or fault present in the design, development, or opera on of
computer so ware. This issue results in the so ware producing outcomes that are incorrect or
unexpected, or it may exhibit unintended behaviors.

Fig. 9.1.1 So ware Bug

193
 Application Developer-Web & Mobile

Factors contribu ng to So ware Bugs:

· Unclear Requirements: Ambiguous or poorly defined project requirements can lead to
misunderstandings and, consequently, so ware bugs.
· Programming Errors: Mistakes made during the coding phase, such as syntax errors or logical
mistakes, can introduce bugs.

· So ware Complexity: The intricacy of so ware systems can create challenges in iden fying and
resolving bugs.
· Lack of Communica on: Poor communica on among team members may result in
misunderstandings, leading to bugs.

· Timeline Devia on: Straying from the planned project meline can introduce rushed coding,
increasing the likelihood of errors.
· Errors in Bug Tracking: Inaccurate or incomplete bug tracking can hinder the resolu on process.

· Documenta on Errors: Mistakes in project documenta on can misguide developers, causing

so ware bugs.
· Devia on from Standards: Non-compliance with coding standards can introduce inconsistencies
and errors.

Comprehensive Understanding: Recognizing the mul faceted nature of factors contribu ng to bugs is
crucial for effec ve bug preven on and resolu on.

9.1.2 Types of Bugs

Effec ve tes ng relies on me culously cra ed test data that encapsulates diverse scenarios, ensuring
comprehensive coverage and robust valida on.

Fig. 9.1.2 Types of So ware Bugs

194
Par cipant Handbook

1. Unexpected Null: An unexpected null bug in so ware occurs when a variable or object is accessed
or u lized before being properly ini alized, leading to a null or undefined value. This type of bug
can introduce unpredictable behavior, causing the program to crash, exhibit errors, or produce
unexpected results.
These can be prevented by:

· Ini aliza on

· Null Checks
· Logging and Monitoring

· Code ReviewsjavaString userName;

java

String userName;

// ... some code ...

System.out.println("Welcome, " + userName);

Example: Accessing a variable before assigning any value to it, resul ng in unexpected null references.
If the variable 'userName' is not ini alized with a value before being used in the 'println' statement, it
will be null. A emp ng to concatenate a null value with the string will result in a run me error, such as
a 'Null Pointer Excep on'.

2. Bad Input: A bad input bug in so ware occurs when the program is unable to handle or process
incorrect or inappropriate input in a way that leads to unexpected behavior, errors, or system failures.
These bugs o en result from insufficient input valida on or inadequate handling of edge cases,
making the so ware vulnerable to unpredictable user inputs.
Example Scenario:
Consider a web applica on that expects users to enter their age. The applica on assumes that
users will provide a numeric value for age, but it fails to validate and handle non-numeric inputs:
python

#Python example

try:

user_age = int(input("Enter your age: "))

print("Your age is:", user_age)

except ValueError as e:
print("Invalid input. Please enter a numeric value for ag#e.")

195
 Application Developer-Web & Mobile

In this example, if a user enters a non-numeric value (e.g., "twenty-five" instead of "25"), the program
will encounter a 'ValueError' during the conversion to an integer. Without proper handling, this bad
input can lead to unexpected behavior or crashes.
Bad Input can be prevented and resolved by:
· Input Valida on

· Error Handling
· Sani za on
· Tes ng

3. Off-by-One: Off-by-one errors refer to bugs that cause the value of a variable to be inaccurate by one
in some manner. A common manifesta on of this error is the itera on of a loop either one more or
one less than the intended value, resul ng in an incorrect variable value or an improper ac on by the
program.

There are two prevalent forms of off-by-one errors. One involves the confusion of operators, such as
mistaking a "<" for a "<=" when comparing values. While this may func on correctly under normal
circumstances, it yields an incorrect value for specific cases. For example, the expression 3 < 3
evaluates to false, whereas 3 <= 3 evaluates to true. While this type of mistake may seem uncommon,
it is worth inves ga ng if unusual errors arise.

Another instance occurs when overlooking zero-indexing. In everyday coun ng, objects typically start
from 1. However, not being aware that certain programming languages ini ate coun ng from zero
can lead to this error. For instance, in Python, list[1] does not refer to the first item in a list but rather
the second. A similar misunderstanding can occur when selec ng items from a list; for instance, in
Python, list[1:-1] retrieves the second to the second-to-last item in an array, contrary to the poten al
assump on that it includes the last item in the list.

4. Buffer Overflow: Buffer overflow is a type of so ware bug that occurs when a program writes data
beyond the boundaries of a designated buffer, the excess data may overwrite adjacent memory
spaces. This can result in various issues, including the altera on of program variables, the disrup on
of program flow, and even the execu on of malicious code injected into the compromised memory
regions.

Example: Consider a scenario where a program reads user input into a fixed-size buffer but fails to
check whether the input exceeds the buffer's capacity, if a user enters a name longer than 10
characters, it will overflow the buffer, poten ally corrup ng adjacent memory.

196
Par cipant Handbook

#include <stdio.h>
#include <string.h>

int main() {

char buffer[10];
prin ("Enter your name: ");
gets(buffer); // Unsafe input reading func on

prin ("Hello, %s!\n", buffer);

return 0;
}

Buffer flow can be prevented and resolved by:

· Using Safe Input Func ons
· Boundary Checking
· Memory Protec on Mechanisms
· Sta c Analysis Tools

5. Index Out-of-Range: Index out-of-range bugs occur when a emp ng to access an element at an
index beyond the valid range of an array or collec on.

In this example, the list numbers has indices from 0 to 4, inclusive. However, the program a empts to
access an element at index 7, which is beyond the valid range. As a result, an IndexError will be raised
during run me, and the program will print a message indica ng that the index is out of range.

python

num bers = [1, 2, 3, 4, 5]

try:

# Attem pting to access an elem ent at index 7, which is out of range

elem ent = num bers[7]

print("Elem ent at index 7:", elem ent)

except IndexError as e:

print("Index out of range:", e)

197
 Application Developer-Web & Mobile

These can be prevented by:

i. Boundary Checking
ii. Use Safe APIs
iii. Excep on Handling

6. Memory Leaks: A memory leak occurs when a program allocates memory dynamically but fails to
release or deallocate it properly. Over me, this can lead to the gradual deple on of available
memory, impac ng system performance and poten ally causing the program to crash. Here is an
example in C++.

cpp

#include <iostream >

void m em oryLeakExam ple() {

// Allocating m em ory for an array of integers

int num bers = new int[1000];

// Perform ing som e operations w ith the allocated m em ory

// Oops! Forgot to release the allocated m em ory

// delete[] num bers;

int m ain() {

m em oryLeakExam ple();

// The program ends w ithout releasing the allocated m em ory,

// leading to a m em ory leak.

return 0;

In this example, memory is allocated using the new operator to create an array of integers, but the
programmer forgets to release the memory using delete[]. As a result, when the program ends, the
allocated memory is not freed, causing a memory leak.

Preven on:
· Using Smart Pointers

198
Par cipant Handbook

· RAII (Resource Acquisi on Is Ini aliza on)

· Proper Dealloca on
· Memory Analysis Tools

7. Security Vulnerabili es: Security bugs compromise the integrity or confiden ality of the so ware,
poten ally allowing unauthorized access or data breaches. Here are examples:

· SQL Injec on: SQL injec on occurs when an a acker manipulates user inputs to inject
malicious SQL code into a database query. If the applica on does not properly validate or
sani ze inputs, an a acker can execute unauthorized database opera ons.

sql

// Vulnerable SQL Query

String query = "SELECT FROM users WHERE username = '" + userInput + "'
AND password = '" + userPassword + "';";

If the userInput is cra ed to include malicious SQL code, an a acker could manipulate the query to
gain unauthorized access to the database.

· Cross-Site Scrip ng (XSS): XSS occurs when an a acker injects malicious scripts (usually
JavaScript) into web pages viewed by other users.
html

<!-- Vulnerable HTML Code-->

<p>Welcome, <span id="username"><?php echo $_GET['name'];

?></span>!</p>

If the name parameter is not properly sani zed, an a acker could inject a script into the URL, leading
to the execu on of malicious code when other users visit the page.

9.1.2 Types of Bugs

Bug tracking is a structured approach to documen ng, monitoring, and addressing defects or
issues iden fied in so ware applica ons. The primary goal is to enhance so ware quality by
iden fying and resolving bugs efficiently throughout the development and maintenance phase.

199
 Application Developer-Web & Mobile

Fig. 9.1.3 Process of Bug Tracking

· Bug Iden fica on: The bug tracking process o en commences with the iden fica on of defects,
triggered by events like test failures, user feedback, or system anomalies. A comprehensive bug
report captures crucial informa on, including the bug's symptoms, environment details, and steps
to reproduce.

· Bug Repor ng: Teams u lize bug tracking systems to record and document iden fied issues
systema cally. A well-structured bug report typically includes a clear descrip on, steps to
reproduce, expected and actual results, and relevant environmental details.
· Bug Priori za on: Severity and Priority: Bugs are categorized based on their severity (impact on
func onality) and priority (urgency for resolu on). Cri cal bugs affec ng essen al func onali es
o en receive higher priority for swi resolu on.
· Assignment and Ownership: Bugs are assigned to responsible team members or developers
based on their exper se and workload. Establishing clear ownership ensures accountability and
accelerates the resolu on process.

200
Par cipant Handbook

· Bug Resolu on:

o Inves ga on: Developers delve into the codebase to iden fy the root cause of the bug,
o en aided by informa on provided in the bug report.

o Code Fixing: Once the cause is iden fied, developers implement the necessary code fixes
to address the defect.

· Verifica on and Tes ng:

o Verifica on: A er implemen ng fixes, thorough tes ng is conducted to ensure that the
bug has been successfully addressed.
o Regression Tes ng: Developers perform regression tes ng to ensure that bug fixes do not
introduce new issues.

· Bug Closure:
o Confirma on: Once verified, the bug is marked as closed, signifying that the issue has been
resolved successfully.

o Documenta on: A detailed resolu on note is o en added to the bug report for future
reference.
· Con nuous Improvement:

o Analysis: Teams analyze bug tracking data to iden fy pa erns, improve development
processes, and prevent recurring issues.
o Feedback Loop: Insights gained from bug tracking contribute to con nuous improvement
in so ware quality and development prac ces.

9.1.4 Identifying Bugs

In the process of iden fying so ware bugs, a systema c and thorough approach is essen al. The
iden fica on process involves several key stages, each contribu ng crucial informa on to pinpoint and
understand the underlying issues in the so ware. These stages are integral to the bug iden fica on
methodology:
· Sigh ng: The sigh ng marks the ini al awareness that a bug exists within the so ware.
Informa on captured during the sigh ng is o en insufficient for a comprehensive understanding
of the defect's cause or behavior.
Examples: Test failures, customer reports, crashes, or system hangs may serve as events
triggering the sigh ng.

201
 Application Developer-Web & Mobile

· Symptom: The symptom represents the specific devia on from the expected behavior of the
program. It is characterized by the disparity between what the program should do (X) and what it
actually does (Y). It is more specific than the sigh ng, the symptom may require repeated
observa on before becoming apparent.

· Reproducer: The reproducer outlines the steps necessary for any user to replicate the symptom
with some probability. It may include manual inputs, se ngs, data files, database contents, or
configura on details. It facilitates the recrea on of the bug, aiding in its analysis and resolu on.

· Descrip on: The descrip on cons tutes a comprehensive write-up of the bug, encompassing the
symptom and contextual details. A complete descrip on includes a full reproducer if available,
offering precise informa on about the bug.
Bug descrip ons o en start with minimal informa on, progressively becoming more precise as
understanding deepens.

· Failure: The failure is typically related to the part of the program responsible for ac ons when the
symptom occurs. While finding the failure part may not be too challenging, determining the cause
necessitates further inves ga on.

Example: A program might crash due to dereferencing an invalid memory address.

· Cause-Effect Chain: The cause-effect chain outlines one or more steps that separate the ini al
defect in the code from the final failure leading to the symptom. Iden fying the cause-effect chain
is crucial for tracing the bug's origin and progression.

· Defect: The defect represents the actual mistake in the program, serving as the ini al cause at the
beginning of the effect chain. It could be a single line, word, or character, determined by analyzing
the program's behavior to uncover each link in the cause-effect chain.

By systema cally naviga ng through these stages, the complexi es of so ware bugs can be unravelled,
enabling effec ve analysis, diagnosis, and resolu on.

9.1.5 Recording a Software Bug

Recording a so ware bug is a crucial step in the so ware development lifecycle, as it lays the founda on
for effec ve bug tracking and resolu on. This process involves capturing detailed informa on about
iden fied issues, anomalies, or unexpected behaviors within the so ware. The recorded data not only
facilitates efficient bug resolu on but also contributes to the overall improvement of the so ware
development process.

202
Par cipant Handbook

Fig. 9.1.4 Process of Recording a So ware Bug

· Preliminary Inves ga on: Before recording a bug, it is essen al to conduct a preliminary

inves ga on to ensure the accuracy and relevance of the recorded informa on. This includes
verifying whether the observed behavior is indeed a bug and not an intended feature or a
misunderstanding of system func onality.
· Selec on of Bug Tracking System: The bug recording process typically begins with the selec on of
a dedicated Bug Tracking System (BTS) or Issue Tracking System. This centralized pla orm provides
a structured environment for capturing, managing, and monitoring bugs throughout the so ware
development lifecycle.
· Crea on of a New Bug Report: Upon iden fying a bug, ini ate the bug recording process by
crea ng a new bug report within the chosen Bug Tracking System. This involves accessing the
system's interface and selec ng the op on to create a new issue or bug.
· Title and Descrip on: Cra a tle for the bug that summarizes its essence. Subsequently, provide
a detailed descrip on of the bug. Include informa on about the observed behavior, the expected
behavior, and any error messages or indicators that may aid in understanding the issue.
· Steps to Reproduce: Outline the steps to reproduce the bug. This step-by-step guide should be
specific and detailed, allowing developers to recreate the exact condi ons under which the bug
manifests. The more precise the reproduc on steps, the easier it is for developers to iden fy and
address the issue.
· Environment Details: Specify the environment in which the bug was encountered. Include
informa on such as the opera ng system version, browser version (if applicable), device type, and
any relevant so ware configura ons. This contextual informa on assists developers in replica ng

203
 Application Developer-Web & Mobile

the bug in a similar environment.

· A achments and Media: If applicable, a ach suppor ng materials such as screenshots, videos, or
log files that visually demonstrate the bug. Visual aids can significantly enhance developers'
understanding of the issue and expedite the resolu on process.

· Categoriza on and A ributes: Categorize the bug based on a ributes such as severity, priority,
type, and any other relevant classifica ons. Assign a severity level that reflects the impact of the
bug on the so ware's func onality and a priority level indica ng the urgency for resolu on.

· Workflow Status: U lize the Bug Tracking System's workflow management features to set the
ini al status of the bug. Common statuses include "New," "Assigned," "In Progress," and
"Resolved." This status reflects the bug's posi on in the development workflow.

· Assignment: Assign the bug to the appropriate team member or developer responsible for
addressing the issue. Clear assignment ensures accountability and streamlines the resolu on
process.
· Collabora on and Comments: Foster collabora on by encouraging team members to add
comments, insights, or addi onal informa on to the bug report. Collabora on within the Bug
Tracking System creates a transparent communica on channel and provides a historical record of
discussions related to the bug.

· Verifica on and Tes ng: Once the bug is resolved, the Bug Tracking System may include a
verifica on step. This involves tes ng the fix and ensuring that the bug no longer manifests.
Developers or dedicated testers can perform this verifica on to validate the effec veness of the
resolu on.

· Bug Closure: A er successful verifica on, update the bug's status to indicate closure. The bug is
officially closed, signifying that the reported issue has been addressed and resolved sa sfactorily.

9.1.6 Bug Tracking Software

The Bug Tracking system encompasses three primary func ons:
· Genera ng a new text file and transcribing user-entered details into the file.
· Modifying the status of the bug through available op ons.
· Genera ng a report specific to a par cular bug file.

Fig. 9.1.4 Process of Recording a So ware Bug

204
Par cipant Handbook

· Jira: Developed by Atlassian, Jira is a widely used bug tracking and project management tool. It
offers extensive customiza on, workflow management, and integra on capabili es.
· Bugzilla: Bugzilla is an open-source bug tracking system developed by the Mozilla Founda on. It
provides a web-based interface for tracking bugs and managing so ware development projects.

· Redmine: Redmine is an open-source project management and issue tracking tool. It offers
features like issue tracking, me tracking, and project wiki, making it versa le for so ware
development projects.
· Man s Bug Tracker: Man s is an open-source bug tracking system that provides a simple and
user-friendly interface. It supports features like workflow customiza on, email no fica ons, and
integra on op ons.
· Trac: Trac is an open-source project management and bug tracking system. It combines bug
tracking, wiki, and version control func onali es to support so ware development projects

· YouTrack: YouTrack is a bug tracking and project management tool developed by JetBrains. It
offers features like customizable workflows, agile boards, and integra on with development tools.
· Trello: Trello is a visual project management tool that uses boards, lists, and cards to help teams
organize and priori ze work. While not a dedicated bug tracking tool, it can be adapted for simple
bug tracking processes.
· Asana: Asana is a project management tool that supports task tracking, collabora on, and team
communica on. It may not be a dedicated bug tracking tool, but it can be used for tracking issues
within projects.
· FogBugz: FogBugz, developed by Fog Creek So ware, is a project management and bug tracking
system. It provides features like case tracking, workflow automa on, and evidence-based
scheduling.
· GitLab: GitLab is a web-based Git repository manager that includes features for source code
management, con nuous integra on, and issue tracking. It offers an integrated approach to
so ware development.

9.1.7 Logging Bugs

Logging bugs in a case tracking system is a cri cal aspect of so ware development and quality assurance.
Effec ve bug logging ensures that issues are clearly communicated, facilita ng their resolu on by
development teams.

In the realm of so ware tes ng, a bug report stands as a comprehensive document delinea ng the
imperfec ons unearthed within a so ware applica on. This report encapsulates intricate details
concerning a bug, encompassing its descrip on, discovery date, the iden ty of the tester unveiling it, the
developer tasked with rec fica on, and more. The bug report plays a pivotal role in iden fying akin bugs
in subsequent instances, enabling preemp ve measures to evade their recurrence.

205
 Application Developer-Web & Mobile

When no fying the developer of a bug, the Bug Report should encompass the following details:
· Defect ID: The unique iden fica on number assigned to the defect.

· Defect Descrip on: A comprehensive explana on of the defect, including details about the
module in which it was discovered.
· Version: The applica on version wherein the flaw was iden fied.

· Steps: A detailed sequence of steps, accompanied by screenshots, facilita ng the developer in

reproducing the issues.
· Date Raised: The date when the defect was ini ally highlighted.

· Reference: Inclusion of references to documents like specifica ons, design, architecture, or

screenshots, aiding in clarifying the nature of the fault.
· Detected By: Name or ID of the tester who reported the issue.
· Status: The current state of the defect, with further details to be discussed later.

· Fixed by: Name or ID of the developer who addressed the issue.

· Date Closed: The date on which the defect was successfully resolved.
· Severity: The impact of the fault on the applica on, defining its cri cality.

· Priority: The urgency associated with correc ng the defect. Priority is set based on the impact
urgency, categorized as High, Medium, or Low.
Logging bugs is crucial in so ware development for effec ve communica on and issue resolu on. Follow
these best prac ces:

· Clear Titles: Provide concise tles summarizing the bug's essence.

· Detailed Descrip ons: Include a clear explana on, expected behavior, reproduc on steps, and
relevant context.

· Reproducibility Steps: Clearly outline steps to reproduce the bug for swi iden fica on and
resolu on.
· Suppor ng Files: A ach screenshots, videos, or logs to enhance developers' understanding.

· Categoriza on: Assign severity, priority, and bug type for efficient priori za on.

· Environment Details: Specify the bug's environment, including OS, browser, device, and
configura ons.
· Consistent Fields: Use predefined fields consistently for clarity and organiza on.

· One Bug per Report: Log one bug per report to maintain focus and clarity.
· Severity and Priority: Assign levels reflec ng impact and urgency for resolu on.
· Update Status: Keep bug status updated to reflect the current state.

· Effec ve Comments: Encourage insigh ul comments to foster collabora on among team

206
Par cipant Handbook

members.
· Verifica on Steps: Provide steps for verifica on to confirm bug resolu on.

· Link to Related Items: Link bugs to related items for be er context and traceability.
· Document Workarounds: Document known workarounds for user and support team benefit.
Follow Workflow: Adhere to the case tracking system's defined workflow for efficient bug progression.

9.1.8 Identifying User Behaviour

User behavior is the set of ac ons and pa erns that users demonstrate when interac ng with your
so ware.
Understanding user behavior before iden fying bugs is essen al for successful so ware development.
This proac ve approach enables early bug detec on, allowing developers to priori ze and resolve issues
based on observed user interac ons.
By aligning bug resolu on with user preferences, developers can enhance the overall user experience,
allocate resources efficiently, and reduce support overhead.

The insights gained from user behavior data support data-driven decision-making and contribute to the
long-term success of the so ware, fostering posi ve user percep ons and loyalty.
This user-centric approach is integral to crea ng so ware that not only meets but exceeds user
expecta ons.

The process of iden fying user behaviour prior to bug iden fica on is:
· User Observa on: Observe users interac ng with the so ware in real-world scenarios. Pay
a en on to their ac ons, preferences, and any pa erns that emerge during usage.

· User Surveys and Feedback: Conduct surveys or gather feedback from users about their
experiences with the so ware. Inquire about common issues, difficul es, or unexpected
behaviors they may have encountered.

· User Interviews: Engage in one-on-one interviews with users to gain deeper insights into their
workflow, expecta ons, and any challenges they face while using the so ware.
· Analy cs and User Tracking: Implement analy cs tools to track user ac ons within the so ware.
Analyze user journeys, commonly visited features, and any recurring pa erns that may indicate
poten al issues.

· Error Repor ng and Logs: Review error reports and logs generated by the so ware. Look for
pa erns or trends in reported errors that might align with user behavior issues.

· Usability Tes ng: Conduct usability tes ng sessions where users perform specific tasks within the
so ware. Observe their interac ons, note any hesita ons, and gather feedback on the overall
usability.

207
 Application Developer-Web & Mobile

· Heatmaps and Session Recordings: U lize heatmaps to visualize areas of the so ware that a ract
more a en on or engagement. Session recordings can provide detailed insights into how users
navigate and interact with different features.
· Surveys A er Bug Iden fica on: A er iden fying a bug, gather addi onal insights from users
through targeted surveys. Understand the frequency and impact of the issue on their experience.

· Social Media Monitoring: Monitor social media pla orms for user comments, men ons, or
discussions related to the so ware. Users o en share their experiences and issues on these
pla orms.

· A/B Tes ng: Implement A/B tes ng to compare different versions of the so ware and assess how
users respond. Iden fy any behavioral varia ons that may indicate poten al issues.
· Collabora on with Support Teams: Collaborate with customer support teams to understand
common user queries and reported issues. This collabora on can provide valuable informa on
about user struggles.

9.1.8 Identifying User Behaviour

User behavior is the set of ac ons and pa erns that users demonstrate when interac ng with your
so ware.

Understanding user behavior before iden fying bugs is essen al for successful so ware development.
This proac ve approach enables early bug detec on, allowing developers to priori ze and resolve issues
based on observed user interac ons.

By aligning bug resolu on with user preferences, developers can enhance the overall user experience,
allocate resources efficiently, and reduce support overhead.
The insights gained from user behavior data support data-driven decision-making and contribute to the
long-term success of the so ware, fostering posi ve user percep ons and loyalty.

This user-centric approach is integral to crea ng so ware that not only meets but exceeds user
expecta ons.
The process of iden fying user behaviour prior to bug iden fica on is:

· User Observa on: Observe users interac ng with the so ware in real-world scenarios. Pay
a en on to their ac ons, preferences, and any pa erns that emerge during usage.
· User Surveys and Feedback: Conduct surveys or gather feedback from users about their
experiences with the so ware. Inquire about common issues, difficul es, or unexpected
behaviors they may have encountered.
· User Interviews: Engage in one-on-one interviews with users to gain deeper insights into their
workflow, expecta ons, and any challenges they face while using the so ware.

· Analy cs and User Tracking: Implement analy cs tools to track user ac ons within the so ware.

208
Par cipant Handbook

Analyze user journeys, commonly visited features, and any recurring pa erns that may indicate
poten al issues.
· Error Repor ng and Logs: Review error reports and logs generated by the so ware. Look for
pa erns or trends in reported errors that might align with user behavior issues.

· Usability Tes ng: Conduct usability tes ng sessions where users perform specific tasks within the
so ware. Observe their interac ons, note any hesita ons, and gather feedback on the overall
usability.

· Heatmaps and Session Recordings: U lize heatmaps to visualize areas of the so ware that a ract
more a en on or engagement. Session recordings can provide detailed insights into how users
navigate and interact with different features.

· Surveys A er Bug Iden fica on: A er iden fying a bug, gather addi onal insights from users
through targeted surveys. Understand the frequency and impact of the issue on their experience.
· Social Media Monitoring: Monitor social media pla orms for user comments, men ons, or
discussions related to the so ware. Users o en share their experiences and issues on these
pla orms.

· A/B Tes ng: Implement A/B tes ng to compare different versions of the so ware and assess how
users respond. Iden fy any behavioral varia ons that may indicate poten al issues.

· Collabora on with Support Teams: Collaborate with customer support teams to understand
common user queries and reported issues. This collabora on can provide valuable informa on
about user struggles.

9.1.9 Isolate Portion of Source Code

Analyzing and isola ng a por on of the source code where a bug occurs is a cri cal aspect of the
debugging process in so ware development. This process involves systema cally inves ga ng the
codebase to iden fy the root cause of a bug and isolate the specific sec on or components responsible for
the unexpected behavior.
Steps:

209
 Application Developer-Web & Mobile

210
Par cipant Handbook

9.1.10 Test Cases

A test case encompasses the ac ons necessary to validate a specific feature or func onality during
so ware tes ng. It outlines steps, data, prerequisites, and postcondi ons essen al for feature
verifica on.

Objec ves of Wri ng Test Cases:

· Validate specific features and func ons within the so ware.

· Guide testers in their day-to-day hands-on ac vi es.
· Create a documented record of steps for future reference in the event of a bug.

· Serve as a blueprint for future projects, minimizing the need to start from scratch.
· Detect usability issues and design gaps early in the development process.
· Facilitate quick onboarding for new testers and developers joining ongoing projects.

Standard Test Case Format:

· Test Case ID
· Test Scenario

· Test Steps

· Prerequisites
· Test Data

· Expected/Intended Results

· Actual Results
· Test Status – Pass/Fail

Addi onal Considera ons for Wri ng Test Cases:

· Include a reasonable descrip on of the requirement.

· Provide a detailed descrip on of the test process.
· Specify tes ng setup details such as so ware version, data points, OS, hardware, security
clearance, date, me, and prerequisites.
· A ach any related documents or a achments necessary for testers.
· Consider providing alterna ves to prerequisites if they exist.

Best Prac ces of wri ng Test Cases

· Emphasize clarity and transparency by providing clear, concise, and asser ve instruc ons for
testers regarding ac ons and expected outcomes.

· Align sample test cases with End-User requirements, mapping them to cover every aspect of the
user journey. Leverage Specifica ons and Requirements Documents for guidance.

211
 Application Developer-Web & Mobile

· Minimize repe on by u lizing Test Case IDs to reference applicable test cases when mul ple
tests can be executed using the same scenario.

· Keep Test Steps concise, ideally limi ng them to 10-15 steps for clarity and efficiency.
· Strive for maximum test coverage, recognizing that achieving 100% coverage is challenging but
aiming for a high percentage is feasible with effec ve strategies.

· Develop self-cleaning test cases that restore the Test Environment to a pris ne, pre-test state,
ensuring no remnants persist a er test comple on. This aligns with Configura on Management
principles.

· Design test cases to consistently yield the same results, regardless of the individual execu ng
them, emphasizing self-sufficiency and independence.

9.1.11 Building Unit Test Case

Unit Tes ng involves valida ng the smallest unit of code against its intended func onality. Simply put, it
entails wri ng a code snippet (unit test) to verify the code (unit) created to meet specified requirements.
There are two methods for performing Unit Tes ng:

Manual Tes ng: In this approach, the tester manually executes test cases without u lizing any
automa on tool. Each test stage is carried out manually. Manual Tes ng can be laborious, especially for
repe ve tests, requiring substan al effort to create and execute test cases. Importantly, Manual Tes ng
does not necessitate familiarity with any tes ng tool.

Automated Tes ng: Automated Tes ng employs so ware tes ng automa on tools to automate tests and
test cases. These automa on tools can record and save tests, allowing for replaying as needed without
addi onal human interven on. It is acknowledged that achieving 100% automa on is not feasible,
leading to some level of manual tes ng always being required.

Fig. 9.1.7 Unit Tes ng Suite

212
Par cipant Handbook

Building unit test cases is a fundamental aspect of so ware development aimed at iden fying and
isola ng poten al bugs. Unit tes ng involves crea ng and execu ng test cases for individual units or
components of the so ware to ensure they func on as intended.
Effec ve unit tes ng involves three fundamental stages:

· Develop a unit test code.

· Execute the unit test code to assess its adherence to system requirements.
· Run the so ware code to iden fy defects and determine whether it aligns with the system
requirements.

Following these three steps, if the code demonstrates accuracy, the unit test is considered successful.
Conversely, if it fails to meet the system requirements, the test is unsuccessful, promp ng the developer
to review and rec fy the code.

9.1.12 Bug Free Code

Achieving con nuous itera on and bug-free so ware development involves adop ng best prac ces
throughout the so ware development lifecycle. Here's a comprehensive discussion on how to achieve
this goal:

· Agile Development Methodology: Embrace Agile methodologies, such as Scrum or Kanban, to

promote itera ve development, collabora on, and adaptability to changing requirements.
· Incremental Development: Break down the so ware development process into incremental
phases, allowing for the con nuous delivery of func onal increments. This helps in early detec on
of bugs and ensures steady progress.
· Version Control: Implement a robust version control system (e.g., Git) to track changes, manage
code collabora on, and facilitate the rollback to stable versions if needed.

· Automated Tes ng: Integrate automated tes ng into the development pipeline. Automated
tests, including unit tests, integra on tests, and end-to-end tests, help iden fy bugs early,
ensuring code stability.

· Con nuous Integra on (CI): U lize CI tools (e.g., Jenkins, Travis CI) to automa cally build and test
code changes whenever they are commi ed. This aids in early bug detec on and maintains a
consistent codebase.
· Code Reviews: Conduct regular code reviews to involve mul ple team members in scru nizing
the code for poten al bugs, adherence to coding standards, and improvement opportuni es.
· Pair Programming: Implement pair programming where two developers work collabora vely on
the same piece of code. This prac ce promotes knowledge sharing and reduces the likelihood of
introducing bugs.

· Sta c Code Analysis: Integrate sta c code analysis tools (e.g., SonarQube) to automa cally
iden fy code quality issues, security vulnerabili es, and poten al bugs during the development

213
 Application Developer-Web & Mobile

process.

· Con nuous Deployment (CD): Adopt con nuous deployment prac ces to automate the release
process. This ensures that thoroughly tested and bug-free code is regularly deployed to
produc on environments.

· Monitoring and Logging: Implement robust monitoring and logging mechanisms in produc on
environments. Real- me monitoring helps iden fy poten al issues, and detailed logs assist in
diagnosing and fixing bugs quickly.

· User Feedback and Tes ng: Gather user feedback through beta tes ng, user acceptance tes ng
(UAT), and early release versions. User input can reveal unexpected issues and guide itera ve
improvements.
· Refactoring: Regularly refactor code to improve its structure, readability, and maintainability. This
proac ve approach reduces technical debt and minimizes the likelihood of introducing bugs.
· Bug Tracking and Resolu on: U lize a robust bug tracking system to log, priori ze, and resolve
reported issues promptly. Regularly revisit and address bug reports to maintain a stable codebase.

· Documenta on: Maintain comprehensive documenta on for code, APIs, and processes. Well-
documented code helps new developers understand the system, reducing the risk of
uninten onal bugs.

9.1.13 Logging
An applica on log, o en referred to as a log or log file, is a record of events, ac vi es, or transac ons
generated by a so ware applica on during its execu on. These logs serve as a valuable tool for
developers, system administrators, and support teams to monitor and understand the behavior of the
applica on.
Logging all ac vi es of an applica on is a crucial prac ce for monitoring, debugging, and gaining insights
into the system's behavior. Here's an explora on of why and how to log ac vi es:

Importance of Logging:

· Debugging and Troubleshoo ng: Logs provide a detailed record of applica on ac vi es, helping
developers iden fy and debug issues by tracing the sequence of events leading to a problem.
· Performance Monitoring: Monitoring log data allows for the assessment of system performance,
helping to iden fy bo lenecks, resource u liza on, and areas for op miza on.
· Security Audi ng: Log entries can be instrumental in security audits, enabling the tracking of user
ac ons, authen ca on a empts, and poten al security threats.

· Compliance and Regula ons: Many industries have compliance requirements that mandate the
logging of certain ac vi es to ensure data integrity, security, and legal adherence.
· User Behavior Analysis: Analyzing logs provides insights into user behavior, preferences, and

214
Par cipant Handbook

usage pa erns, aiding in making data-driven decisions for applica on improvements.

· Incident Response: In the event of a system failure or security breach, logs play a crucial role in
incident response, helping teams understand the scope and impact of the incident.

Best Prac ces for Logging:

· Structured Logging: Use structured logging formats (e.g., JSON or key-value pairs) to facilitate
easier parsing and analysis of log data.

· LogLevel Grada on: Employ different log levels (e.g., INFO, WARN, ERROR) to categorize the
severity of logged events. This aids in priori zing and filtering log entries.
· Timestamps and Timezone: Include mestamps with mezone informa on in log entries for
accurate chronological sequencing and correla on with other system events.

· Contextual Informa on: Enhance logs with contextual informa on, such as user IDs, transac on
IDs, or request parameters, to provide a comprehensive understanding of each log entry.
· Log Rota on and Reten on: Implement log rota on to manage log file sizes and reten on policies
to control the dura on for which logs are stored, considering storage constraints.

· Centralized Logging: Centralize logs in a dedicated logging system or service for easier
aggrega on, searching, and analysis, especially in distributed or microservices architectures.
· Security Considera ons: Be mindful of sensi ve informa on in logs and avoid logging sensi ve
data. Implement proper access controls and encryp on for stored log data.

· Regular Log Audits: Conduct regular audits of log files to iden fy anomalies, poten al security
breaches, or performance issues that might not be immediately apparent.

· Custom Logging for Key Events: Implement custom logging for cri cal applica on events, error
scenarios, or business transac ons to ensure detailed coverage of important ac vi es.
· Monitoring and Aler ng: Integrate log monitoring tools to generate alerts for specific events,
errors, or pa erns that require immediate a en on.

9.1.14 Analyze Abnormal System Behavior

Analyzing abnormal system behavior using applica on logs is an essen al prac ce for iden fying,
diagnosing, and resolving issues. Here's a guide on how to effec vely perform this analysis:

· Establish Baseline Behavior: Before iden fying abnormali es, understand the normal or baseline
behavior of the system. Establish benchmarks for performance, error rates, and typical user
ac vi es.

· Define Key Log Metrics: Iden fy cri cal metrics and log entries relevant to system health,
performance, and user interac ons. This may include error rates, response mes, resource usage,
and security-related events.

215
 Application Developer-Web & Mobile

· Centralized Logging: Aggregate logs from various components of the system into a centralized
logging system. This enables comprehensive analysis and correla on across different parts of the
applica on.
· Set Thresholds and Alerts: Define thresholds for normal system behavior based on historical data.
Implement aler ng mechanisms to no fy the team when log metrics surpass predefined
thresholds, indica ng abnormal behavior.

· Categorize Log Entries: Categorize log entries based on severity and impact. Priori ze cri cal
errors that directly impact the system's func onality, user experience, or security.

· U lize Log Analysis Tools: Employ log analysis tools or pla orms that offer advanced search,
filtering, and visualiza on capabili es. These tools can help iden fy pa erns, trends, and
anomalies in log data.
· Inves gate Anomalies Promptly: When alerted to abnormal behavior, ini ate prompt
inves ga ons. Use log data to trace the sequence of events leading up to the anomaly, enabling a
faster resolu on.
· Correlate Events: Correlate log entries across different components and services to understand
the broader impact of abnormal behavior. This aids in iden fying root causes and dependencies.

· Analyze User Behavior: Examine logs related to user interac ons, focusing on pa erns that
deviate from normal user behavior. This can help iden fy poten al issues with specific features or
workflows.

· Contextual Informa on: Include contextual informa on in log entries to aid in the analysis. This
may involve user IDs, transac on details, or relevant system parameters associated with the
abnormal behavior.

9.1.15 Using Developer Forums for Error Resolution

Encountering errors is a common aspect of web and mobile applica on development. One effec ve way
to troubleshoot these issues is by copying the error message and seeking solu ons on developer forums.
Here's a succinct guide on how to approach this:
· Using Developer Forums for Error Resolu on:

o oCopy the Error Message:

o oWhen encountering an error, copy the exact error message or code snippet displayed.
· Search Developer Forums:

o oU lize popular developer forums and communi es such as Stack Overflow, GitHub
Discussions, or Reddit's programming subreddits.
o oPaste the error message into the search bar and browse relevant threads.

216
Par cipant Handbook

· Review Exis ng Solu ons:

o Look for threads with similar error messages and review solu ons provided by other
developers.
o Pay a en on to answers with high votes or comments indica ng effec veness.
· Understand the Context:

o Consider the context of the error message and how it relates to your specific project or
environment.
o Look for solu ons applicable to your programming language, framework, or technology
stack.

· Verify Solu ons:

o Verify the credibility and reliability of solu ons by checking the reputa on of users
providing them and reviewing any associated code or documenta on.

o Avoid blindly implemen ng solu ons without understanding their implica ons.

· Ask for Help if Needed:

o If you can't find a relevant solu on, consider pos ng a ques on on the forum, providing
details about your error message, code snippets, and any relevant context.

o Be polite and clear in your request for assistance to maximize the chances of receiving
helpful responses.
· Contribute to the Community:

o Once you've resolved your error, consider contribu ng back to the developer community
by sharing your solu on or insights on the forum.
o Help others facing similar issues by providing clear explana ons and ac onable advice.

9.1.16 Eliminating Hardware or Platform as a Cause

Iden fying the root cause of issues in web and mobile applica on development o en involves elimina ng
hardware or pla orm-related factors. By ruling out these possibili es, developers can focus on so ware-
related solu ons. Here's a concise guide on how to eliminate hardware or pla orm as a cause:

· Verify Compa bility: Ensure app compa bility with different hardware setups and pla orms.
· Test Across Environments: Test on various devices, browsers, and opera ng systems to catch
inconsistencies.

· Monitor Performance: Keep an eye on hardware performance metrics for anomalies.

· Check Firmware and Drivers: Ensure firmware and drivers are up-to-date and compa ble.

217
 Application Developer-Web & Mobile

· Isolate Hardware Failures: Test individual hardware components to iden fy any malfunc ons.

· Review Logs and Errors: Analyze system logs and error messages for hardware or pla orm-related
issues.
· Refer to Documenta on: Consult hardware and pla orm documenta on for troubleshoo ng
guidance.

· Collaborate with Experts: Seek assistance from hardware specialists or pla orm experts if
needed.
· Document Findings: Keep clear records of the process and any solu ons implemented.

218
Par cipant Handbook

Exercise
Answer the following ques ons:
Short Ques ons:
1. What are So ware Bugs? List the types of So ware Bugs.

2. Explain the process of iden fying So ware Bugs.

3. Can you provide examples of unexpected, null, and bad input bugs?
4. What are the best prac ces for logging bugs in a case tracking system?

5. What is the process for building unit test cases to iden fy and isolate so ware bugs?
B. Fill in the Blanks
(Hint: automated, variable, bug tracking so ware off-by-one)

1. An unexpected null bug in so ware occurs when a __________ or object is accessed or

u lized before being properly ini alized
2. __________errors refer to bugs that cause the value of a variable to be inaccurate by one in
some manner

3. User behavior is the set of ac ons and pa erns that users demonstrate when interac ng with
__________.
4. __________Tes ng employs so ware tes ng automa on tools to automate tests and test
cases.

219
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/1JHmBkjbJo0
Bug Fix | How to fix a bug

220
Par cipant Handbook

221
10. Application
Performance
Monitoring

Unit 10.1 - Applica on Performance Monitoring

SSC/N8323
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:
1. Explain how applica on performance is related to business outcomes

2. Discuss the different types of cloud deployment models

3. Explain cloud resource u liza on pa erns
4. Explain how cloud resources are billed depending on different cloud deployment models

5. Discuss the different parameters for monitoring performance of cloud systems

6. Explain how to examine applica on log data to find clues to problems related to applica on
performance

7. Discuss how to create a process to monitor applica on performance

8. Explain how to automate the performance monitoring process using scripts and Applica on
Performance Monitoring (APM) tools
9. Explain how to generate performance reports from applica on monitoring tools

223
 Application Developer-Web & Mobile

Unit 10.1 Applica on Performance Monitoring

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how applica on performance is related to business outcomes
2. Discuss the different types of cloud deployment models
3. Explain cloud resource u liza on pa erns

4. Explain how cloud resources are billed depending on different cloud deployment models

5. Discuss the different parameters for monitoring performance of cloud systems

6. Explain how to examine applica on log data to find clues to problems related to applica on
performance

7. Discuss how to create a process to monitor applica on performance

8. Explain how to automate the performance monitoring process using scripts and Applica on
Performance Monitoring (APM) tools

9. Explain how to generate performance reports from applica on monitoring tools.

10.1.1 Application Performance Monitoring

Applica on performance refers to the responsiveness, speed, and efficiency of a so ware applica on
as it runs and performs tasks. It is a cri cal aspect of user sa sfac on and overall system func onality.
Poor applica on performance can lead to frustrated users, decreased produc vity, and even financial
losses for businesses.

Applica on Performance Monitoring (APM) involves the monitoring of crucial performance metrics of
so ware applica ons through the u liza on of monitoring tools and telemetry data. APM is employed
by professionals to guarantee the availability of systems, enhance service performance, reduce
response mes, and elevate user experiences. Common scenarios for monitoring include mobile apps,
websites, and business applica ons.

Fig. 10.1.1 Applica on Performance Monitoring

224
Par cipant Handbook

10.1.2 Impact of Application Performance

Applica on performance is intricately ed to business outcomes in several ways, influencing everything
from customer sa sfac on to opera onal efficiency. Here are some key points that highlight the
rela onship between applica on performance and business success:

· User Sa sfac on: A well-performing applica on provides a posi ve user experience. Users expect
applica ons to respond quickly and seamlessly. Slow or inefficient performance can lead to
frustra on, dissa sfac on, and, ul mately, a decline in user engagement. Sa sfied users are more
likely to con nue using the applica on and may become loyal customers.

· Customer Reten on: Users are more likely to remain loyal to a business if its applica ons
consistently deliver high performance. A poor user experience can drive customers away, leading
to a decrease in customer reten on rates. On the contrary, efficient and reliable applica ons
contribute to customer sa sfac on and reten on.
· Compe ve Advantage: In today's compe ve business landscape, customers have various
op ons for similar products or services. Applica ons that perform excep onally well can serve as
a compe ve differen ator. Businesses with high-performing applica ons may a ract and retain
customers more effec vely than those struggling with performance issues.
· Opera onal Efficiency: Internally, applica on performance affects opera onal efficiency. If
employees rely on business applica ons for their daily tasks, slow or unreliable performance can
hinder produc vity. Efficient applica ons contribute to streamlined workflows, reducing
down me and enhancing overall opera onal efficiency.
· Revenue Genera on: For businesses that operate online, the performance of e-commerce
pla orms and transac onal applica ons directly impacts revenue. Studies have shown that even
small delays in page load mes can result in a significant drop in conversion rates. Op mizing
applica on performance can, therefore, have a direct posi ve impact on revenue genera on.
· Brand Image: The performance of applica ons reflects on the overall image of a brand. Users
associate a business's competence and reliability with the func onality and speed of its
applica ons. A poor-performing applica on can tarnish a brand's reputa on, while a fast and
reliable one can enhance brand image and credibility.
· Adaptability to Growth: As businesses grow, their applica on infrastructure must be scalable and
able to handle increased workloads. Applica ons that can scale efficiently without sacrificing
performance enable businesses to adapt to growth seamlessly. This adaptability is crucial for
sustaining and expanding opera ons.

· Cost Efficiency: Efficiently performing applica ons can lead to cost savings. Well-op mized
applica ons use resources more effec vely, reducing the need for expensive hardware upgrades
or addi onal infrastructure. This cost efficiency contributes to be er overall financial
performance for the business.

225
 Application Developer-Web & Mobile

10.1.3 Application Monitoring Performance Process

Crea ng a robust process to monitor applica on performance is crucial for ensuring that so ware
applica ons run smoothly, meet user expecta ons, and contribute to overall business success.
Process:

· Define Objec ves and Key Performance Indicators (KPIs):

o Outline the goals of APM.

o Iden fy specific KPIs aligned with technical and business objec ves.
· Iden fy Cri cal Components and Dependencies:

o Determine key components and dependencies in the applica on architecture.

o Understand rela onships between components for effec ve monitoring.
· Select APM Tools:

o Choose tools aligned with the technology stack and monitoring requirements.
o Consider factors like integra on ease, real- me capabili es, and scalability.
· Instrumenta on and Code Profiling:

o Integrate APM agents or instrumenta on into the applica on code.

o Use code profiling to iden fy and op mize performance bo lenecks.

· Configure Monitoring Alerts:

o Establish alert thresholds based on acceptable performance levels.

o Define condi ons for triggering alerts on issues such as response mes and error rates.
· Implement End-User Monitoring (EUM):

o Incorporate EUM to gain insights into user experiences.

o Monitor page load mes, transac on success rates, and user interac ons.
· Create Dashboards and Reports:

o Develop customized dashboards displaying key metrics and trends.

o Regularly review and update dashboards based on evolving requirements.

· Establish Incident Response Procedures:
o Define procedures for responding to performance incidents.

o Outline responsibili es, escala on paths, and communica on channels.

· Implement Con nuous Monitoring and Tes ng:
o Integrate APM into CI/CD pipelines.

o Conduct regular performance tes ng, including stress and load tes ng.

226
Par cipant Handbook

· Regularly Review and Op mize:

o Schedule regular reviews of APM data and performance reports.

o Use insights to iden fy areas for improvement and op miza on.

10.1.4 APM Tools

Fig. 10.1.2 Applica on Performance Monitoring Tools

AppDynamics:

AppDynamics is a widely used APM tool that provides real- me insights into applica on performance. It
offers features such as applica on mapping, code-level diagnos cs, and business transac on monitoring.
Features:

· Applica on mapping for visualizing dependencies.

· Code-level diagnos cs for troubleshoo ng.
· Business transac on monitoring.

· Real- me insights into applica on performance.

New Relic:
New Relic is a comprehensive APM solu on that provides monitoring for web and mobile applica ons. It
offers features like transac on tracing, real user monitoring, and infrastructure monitoring.

Features:
· Applica on mapping for visualizing dependencies.

· Code-level diagnos cs for troubleshoo ng.

227
 Application Developer-Web & Mobile

· Business transac on monitoring.

· Real- me insights into applica on performance.

Dynatrace:
Dynatrace is an APM tool that focuses on providing AI-powered observability. It offers automa c
discovery and monitoring of applica on components, along with detailed performance analy cs.

Features:
· Applica on mapping for visualizing dependencies.
· Code-level diagnos cs for troubleshoo ng.

· Business transac on monitoring.

· Real- me insights into applica on performance.
ManageEngine Applica ons Manager:

ManageEngine Applica ons Manager is a cost-effec ve APM solu on that provides monitoring for
various applica ons, servers, databases, and more. It offers features such as performance analy cs and
threshold-based alerts.

Features:

· Applica on mapping for visualizing dependencies.

· Code-level diagnos cs for troubleshoo ng.

· Business transac on monitoring.

· Real- me insights into applica on performance.

Site24x7:
Site24x7 is a cloud-based APM tool that provides end-to-end monitoring for applica ons, servers, and
network infrastructure. It offers features like real user monitoring, synthe c transac on monitoring, and
log management.
Features:

· Real user monitoring and synthe c transac on monitoring.

· Cloud infrastructure monitoring.

· Log management.

· Customizable dashboards.

Raygun:
Raygun is known for its APM and error tracking capabili es. It helps developers iden fy and diagnose
issues in real- me, allowing for quick resolu on of performance bo lenecks.

Features:

228
Par cipant Handbook

· Applica on mapping for visualizing dependencies.

· Code-level diagnos cs for troubleshoo ng.

· Business transac on monitoring.

· Real- me insights into applica on performance.

Nexthink:

Nexthink focuses on providing digital employee experience management. It offers APM features to
monitor and op mize the performance of applica ons from the end-user perspec ve.
Features:

· Digital employee experience management.

· End-user analy cs.
· Real- me monitoring for applica ons.

· Automated issue resolu on.

FusionReactor:
FusionReactor is an APM tool designed for monitoring Java applica ons. It provides real- me insights into
applica on performance, along with features such as crash protec on and code profiling.

Features:
· Applica on mapping for visualizing dependencies.

· Code-level diagnos cs for troubleshoo ng.

· Business transac on monitoring.

· Real- me insights into applica on performance.

Instana:

Instana is an APM solu on that emphasizes automa on and AI-driven insights. It provides real- me
monitoring for microservices, containers, and cloud-na ve applica ons.
Features:

· Applica on mapping for visualizing dependencies.

· Code-level diagnos cs for troubleshoo ng.
· Business transac on monitoring.

· Real- me insights into applica on performance.

Datadog:
Datadog is a comprehensive monitoring pla orm that includes APM features. It allows monitoring of
applica on performance alongside infrastructure metrics, logs, and more.

229
 Application Developer-Web & Mobile

Features:

· Applica on mapping for visualizing dependencies.

· Code-level diagnos cs for troubleshoo ng.

· Business transac on monitoring.

· Real- me insights into applica on performance.

10.1.5 Using APM Tools

Genera ng performance reports from applica on monitoring tools involves extrac ng relevant data,
analyzing key metrics, and presen ng the findings in a clear and ac onable format.

· Access the Monitoring Dashboard: Log in to the APM tool's web interface or applica on to access
the monitoring dashboard.
· Select Metrics for Analysis: Iden fy the key performance metrics that align with your monitoring
objec ves. This could include response mes, error rates, throughput, and resource u liza on.

· Customize Time Ranges: Set the me range for the performance report. Depending on your
analysis goals, you might choose a specific meframe, such as the last 24 hours, 7 days, or a
custom period.

· Create Custom Dashboards: U lize the APM tool's dashboard customiza on features to create
views tailored to your specific needs. Arrange widgets displaying different metrics and
components.

· Analyze Trends and Anomalies: Use the visualiza ons provided by the APM tool to analyze trends
and iden fy anomalies. Look for pa erns in performance data that may indicate issues or areas for
improvement.
· Export Data: Most APM tools allow you to export performance data in various formats, such as CSV
or PDF. Export relevant data for further analysis or to include in the performance report.

· Generate Automated Reports: Explore automated repor ng features within the APM tool.
Schedule regular automated reports to be generated and delivered to stakeholders. Set up the
reports to cover specific metrics and me ranges.

· Include Insights and Recommenda ons: Enhance the performance report by providing insights
and recommenda ons based on the analyzed data. Explain the significance of the observed trends
and suggest poten al op miza ons or ac ons.

230
Par cipant Handbook

Genera ng performance reports from applica on monitoring tools involves extrac ng relevant data,
analyzing key metrics, and presen ng the findings in a clear and ac onable format.
· Access the Monitoring Dashboard: Log in to the APM tool's web interface or applica on to access
the monitoring dashboard.

· Select Metrics for Analysis: Iden fy the key performance metrics that align with your monitoring
objec ves. This could include response mes, error rates, throughput, and resource u liza on.
· Customize Time Ranges: Set the me range for the performance report. Depending on your
analysis goals, you might choose a specific meframe, such as the last 24 hours, 7 days, or a
custom period.
· Create Custom Dashboards: U lize the APM tool's dashboard customiza on features to create
views tailored to your specific needs. Arrange widgets displaying different metrics and
components.
· Analyze Trends and Anomalies: Use the visualiza ons provided by the APM tool to analyze trends
and iden fy anomalies. Look for pa erns in performance data that may indicate issues or areas for
improvement.

· Export Data: Most APM tools allow you to export performance data in various formats, such as CSV
or PDF. Export relevant data for further analysis or to include in the performance report.

· Generate Automated Reports: Explore automated repor ng features within the APM tool.
Schedule regular automated reports to be generated and delivered to stakeholders. Set up the
reports to cover specific metrics and me ranges.
· Include Insights and Recommenda ons: Enhance the performance report by providing insights
and recommenda ons based on the analyzed data. Explain the significance of the observed trends
and suggest poten al op miza ons or ac ons.

Example Steps for Specific APM Tools:

New Relic:
· U lize New Relic Insights for custom queries and dashboards.
· Leverage New Relic's report scheduling features.

· Export Insights data to CSV for further analysis.

AppDynamics:
· Customize dashboards in the AppDynamics Controller.

· Use AppDynamics Analy cs for advanced repor ng.

· Schedule and export reports in various formats.

231
 Application Developer-Web & Mobile

Dynatrace:

· Explore the built-in dashboards and reports in Dynatrace.

· Leverage Dynatrace REST APIs for custom repor ng.

· Schedule automated PDF or Excel report genera on.

10.1.5 Deployment Models

Cloud compu ng offers various deployment models that organiza ons can choose based on their specific
needs, preferences, and security requirements. The primary cloud deployment models are:

1. Public Cloud:

In a public cloud, cloud services and resources are owned and operated by a third-party cloud service
provider. These resources are made available to the general public over the internet.

Fig. 10.1.4 Public Cloud

Characteris cs:

· Shared infrastructure among mul ple customers.

· Cost-effec ve due to shared resources.

· Scalable on-demand to accommodate varying workloads.

· Examples include Amazon Web Services (AWS), Microso Azure, and Google Cloud Pla orm
(GCP).
Billing Model: Pay-As-You-Go (PAYG) or On-Demand
· Public cloud providers like Amazon Web Services (AWS), Microso Azure, and Google Cloud
Pla orm (GCP) typically offer a pay-as-you-go model. Customers are billed based on their actual
usage of resources, such as virtual machines, storage, and data transfer. Rates are o en ered,
with discounts available for reserved instances or sustained usage.

232
Par cipant Handbook

2. Private Cloud:

A private cloud is dedicated to a single organiza on, whether hosted on-premises or by a third-party
provider. It offers greater control, customiza on, and privacy compared to public clouds.

Fig. 10.1.5 Private Cloud

Billing Model: Variable (Based on Infrastructure Ownership)
In a private cloud, the billing model depends on whether the infrastructure is owned and operated by the
organiza on or provided by a third-party. If the organiza on owns the infrastructure, costs are incurred
for hardware, so ware licenses, and maintenance. If a third-party manages the private cloud, a
subscrip on or usage-based model may apply.
Characteris cs:
· Resources are isolated for exclusive use by the organiza on.

· Provides a higher level of security and compliance.

· Offers customiza on and tailored solu ons.
· Examples include VMware, OpenStack, and Microso Azure Stack.

3. Hybrid Cloud:

A hybrid cloud combines elements of both public and private clouds, allowing data and applica ons
to be shared between them. This provides more flexibility and op miza on of exis ng infrastructure.

Fig. 10.1.6 Hybrid Cloud

233
 Application Developer-Web & Mobile

Billing Model: Combina on of Public and Private Cloud Models

Hybrid cloud deployments combine public and private clouds. Public cloud resources are billed based on
usage, while private cloud costs depend on factors such as infrastructure ownership and management.
Organiza ons pay for public cloud services on a consump on basis and may have addi onal costs
associated with private cloud infrastructure.

Characteris cs:
Offers a mix of on-premises, private cloud, and public cloud services.
Facilitates workload portability and flexibility.

Enables organiza ons to leverage the benefits of both deployment models.

Examples include AWS Outposts, Microso Azure Hybrid, and Google Anthos.
4. Mul -Cloud:

Mul -cloud involves using services from mul ple cloud providers, offering redundancy, risk , and
the ability to select the best services from each provider.

Fig. 10.1.7 Hybrid Cloud

234
Par cipant Handbook

Billing Model: Varied (Depends on Cloud Providers)

Mul -cloud environments involve using services from mul ple cloud providers. Each provider may have
its own billing model, but generally, costs are based on resource usage. Organiza ons need to manage
billing from each provider separately and op mize costs based on the services used.
Characteris cs:

· Uses services from more than one cloud provider.

· Aims to prevent vendor lock-in and maximize service diversity.
· Requires effec ve management and integra on across mul ple pla orms.

· Examples include using AWS for storage, Azure for machine learning, and Google Cloud for data
analy cs.
5. Community Cloud:

A community cloud is shared among organiza ons with common concerns, such as industry-specific
regula ons or security requirements. It is managed by the organiza ons or a third-party provider.

Fig. 10.1.8 Community Cloud

Characteris cs:
· Shared by a specific community of organiza ons.
· Addresses common concerns, such as compliance or security.

· Allows for collabora on and resource sharing within the community.

· Examples include government community clouds or healthcare community clouds.
Billing Model: Shared or Subscrip on-Based

· In a community cloud, costs can be shared among the organiza ons within the community or
billed on a subscrip on basis. Shared resources may lead to cost savings, while subscrip on
models ensure predictable billing based on agreed-upon terms among community members.
Each cloud deployment model has its advantages and considera ons, and the choice o en depends on
factors such as security, compliance, scalability, and the specific needs of the organiza on.

235
 Application Developer-Web & Mobile

10.1.6 Cloud Resource Utilization

Cloud resource u liza on pa erns refer to the ways in which compu ng resources in a cloud environment
are allocated, consumed, and managed. Understanding these pa erns is crucial for op mizing costs,
ensuring efficient performance, and making informed decisions about resource provisioning.
· Constant usage over me: In this pa ern, applica ons experience a consistent and stable level of
usage over an extended period. There is li le varia on in demand throughout the day or week.

Examples: Internal business applica ons, intranet systems, or services used by a specific group of
users with a consistent need.
· Cyclic internal load: Characterized by predictable cycles of increased and decreased resource
usage within internal systems. It o en aligns with specific business processes, such as end-of-day
or end-of-month batch processing.
Examples: Financial systems performing daily or monthly closing processes, payroll systems with
cyclical processing.
· Cyclic external load: External-facing applica ons, par cularly websites, experience cyclic loads
based on external factors. These cycles might be ed to market demands or specific events.
Examples: Entertainment or sports-related websites that see increased traffic during specific
events or seasons, such as streaming pla orms during major sports events.
· Spiked internal load: Involves sudden and significant spikes in resource usage within internal
systems. These spikes are o en caused by unpredictable, large-scale jobs submi ed for
processing.
Examples: Research environments where analysts submit complex and resource-intensive
calcula ons or simula ons on an ad-hoc basis, leading to sudden demand peaks.
· Spiked external load: External-facing applica ons or websites experience sudden and substan al
increases in traffic for a short dura on. This is o en due to unexpected popularity or virality.
Examples: A website or app going viral, sudden interest in a product or service, or a social media
post a rac ng a massive audience for a brief period.

10.1.7 Monitoring Cloud Systems Performance

Monitoring the performance of cloud systems is crucial for ensuring reliability, efficiency, and op mal
user experiences. Various parameters should be considered when monitoring cloud systems to iden fy
poten al issues, track resource u liza on, and make informed decisions for op miza on. Here are
different parameters for monitoring the performance of cloud systems:

· Resource U liza on:

o CPU Usage: Monitor the u liza on of central processing units to ensure they are not
consistently running at high levels, which may indicate a need for scaling.

236
Par cipant Handbook

o Memory Usage: Track the consump on of RAM to prevent memory-related bo lenecks

and ensure efficient applica on performance.
o Storage I/O: Monitor read and write opera ons on storage devices to detect poten al
performance bo lenecks and op mize storage configura ons.

· Network Performance:

o Bandwidth: Measure the rate of data transfer between components to ensure that
network bandwidth is sufficient for applica on demands.

o Latency: Monitor network latency to iden fy delays in data transmission, which can impact
applica on responsiveness.
· Applica on-Level Metrics:
o Response Times: Track the me it takes for applica ons to respond to user requests,
helping ensure op mal user experiences.

o Throughput: Measure the rate at which the applica on processes transac ons or requests
to gauge overall performance.

o Error Rates: Monitor the occurrence of errors or excep ons to iden fy issues impac ng
applica on stability.
· Infrastructure Scaling:
o Auto-Scaling Metrics: Track the auto-scaling behavior based on demand to ensure that
resources are dynamically adjusted to meet workload requirements.
o Scaling Events: Monitor events triggering scaling ac ons, such as the addi on or removal of
instances, to understand resource alloca on changes.

· Security and Compliance:

o Security Events: Monitor security events and logs to iden fy poten al security threats or
breaches.
o Compliance Checks: Ensure that cloud resources adhere to regulatory and compliance
standards by monitoring relevant parameters.
· Cost Op miza on:
o Resource Costs: Track the cost of individual resources to op mize usage and iden fy
opportuni es for cost savings.

o Billing Alerts: Set up alerts for unexpected spikes in costs to proac vely manage and control
expenses.

· Logs and Audi ng:

o Log Analysis: Analyze logs to gain insights into system behavior, iden fy anomalies, and
troubleshoot performance issues.

237
 Application Developer-Web & Mobile

o Audi ng Trails: Monitor audit trails for changes in configura ons, access, and other
ac vi es to ensure compliance and security.

· Service-Level Agreements (SLAs):

o SLA Metrics: Track performance against agreed-upon SLAs to ensure that cloud services
meet contractual commitments.

o Down me Metrics: Monitor down me and availability metrics to assess overall service
reliability.
· Container and Orchestra on Metrics:

o Container Health: Monitor the health and performance of containers within orchestrated
environments.
o Orchestra on Metrics: Track metrics related to container orchestra on pla orms like
Kubernetes to ensure efficient resource alloca on.

· User Experience Metrics:

o Real User Monitoring (RUM): Capture data on actual user interac ons with applica ons to
assess and op mize user experiences.

o User Sa sfac on Surveys: Gather feedback from users to understand their sa sfac on
levels and iden fy areas for improvement.

10.1.8 Examine Application Log DataA

Examining applica on log data is a crucial aspect of troubleshoo ng and iden fying problems related to
applica on performance. Logs provide a detailed record of events, errors, and ac vi es within an
applica on, and analyzing them can reveal valuable insights into performance issues.
· Understand Log Formats: Familiarize yourself with the log formats used by the applica on.
Common formats include text logs, JSON logs, or structured logs. Understanding the structure
helps in extrac ng relevant informa on.
· Iden fy Key Log Entries: Look for log entries related to performance metrics, errors, warnings,
and mestamps. Key entries o en include informa on about response mes, database queries,
external API calls, and resource consump on.
· Focus on Timestamps: Pay a en on to mestamps in log entries. Analyzing the ming of events
can help correlate specific ac ons with changes in applica on performance or the occurrence of
errors.

· Aggregate and Visualize Data: Use log aggrega on and visualiza on tools to process and present
log data in a more understandable format. Tools like Elas csearch, Logstash, and Kibana (ELK
Stack) can assist in indexing, searching, and visualizing log entries.

238
Par cipant Handbook

· Search for Error Messages: Iden fy error messages or excep ons in the logs. Errors o en provide
informa on about what went wrong, helping to pinpoint the root cause of performance issues.

· Check for Warning Signs: Look for warning messages that may precede cri cal errors or
performance degrada on. Warnings can serve as early indicators of poten al issues.
· Examine Resource U liza on: Monitor logs for entries related to resource u liza on, such as high
CPU usage, memory consump on, or disk I/O. Anomalies in resource usage may indicate
performance bo lenecks.
· Trace Requests and Transac ons: Trace the journey of individual requests or transac ons through
the logs. Analyze the me taken at each step and iden fy any delays or inefficiencies.

· Correlate Events: Correlate events across different components of the applica on, such as the
web server, database, and external services. Understanding the flow of interac ons can help
iden fy areas of conten on.

· Inves gate Database Queries: If the applica on interacts with a database, examine log entries
related to database queries. Slow or inefficient queries can significantly impact applica on
performance.
· Look for External Dependencies: Check logs for entries related to external dependencies, such as
third-party APIs or services. Issues with external services can affect the overall performance of the
applica on.
· Monitor Custom Metrics: If the applica on logs custom metrics or performance indicators, focus
on those entries to gain insights into specific aspects of applica on behavior.

· Implement Logging Levels: U lize different logging levels (e.g., DEBUG, INFO, WARN, ERROR) to
filter log entries based on their severity. Adjust log levels dynamically to capture more detailed
informa on during troubleshoo ng.

· Set up Alerts: Configure log alerts to be no fied of specific pa erns or anomalies in real- me.
Automated alerts can help proac vely address performance issues.
· Collaborate with Applica on Metrics: Combine log analysis with applica on metrics and
monitoring tools for a comprehensive view of performance. Metrics such as response mes,
throughput, and error rates can complement log data.
· Document Findings: Document your findings and insights gained from log analysis. Share this
informa on with relevant teams for collabora ve troubleshoo ng and resolu on.

10.1.9 Automating Performance Monitoring Process

Using Scripts:
1. Select a Scrip ng Language: Choose a scrip ng language that is well-suited for your applica on's
technology stack. Common choices include Python, PowerShell, or Shell scripts.

239
 Application Developer-Web & Mobile

· Integrate APM Tool APIs: APM tools o en provide APIs that allow you to programma cally
interact with the tool. Integrate these APIs into your scripts to extract performance metrics,
configure se ngs, and trigger specific ac ons.

· Define Monitoring Metrics: Iden fy the key performance metrics you want to monitor. This could
include response mes, error rates, resource u liza on, and other relevant indicators.
· Schedule Script Execu on: Use scheduling tools (like cron jobs on Unix/Linux or Task Scheduler on
Windows) to automate the execu on of your scripts at predefined intervals. This ensures regular
and consistent monitoring.
· Capture and Analyze Data: Design scripts to capture data from the APM tool's API responses.
Store this data in a format that facilitates easy analysis, such as a database or a log file.

· Implement Alerts: Integrate aler ng mechanisms within your scripts. If certain condi ons (e.g.,
high response mes or increased error rates) are met, trigger alerts through email, messaging
systems, or other no fica on channels.

Using APM Tools:

· Configure APM Tool Se ngs: Set up the APM tool to monitor your applica on. Configure se ngs,
define baseline metrics, and establish alert thresholds within the APM tool's dashboard.
· Leverage Automa on Features: Most APM tools offer automa on features to streamline
monitoring. U lize features like automated discovery of applica on components, auto-
instrumenta on, and automated anomaly detec on.
· Integrate with CI/CD Pipelines: Integrate APM tools into your con nuous integra on and
con nuous deployment (CI/CD) pipelines. This ensures that performance monitoring is an
integral part of the development lifecycle.
· Customize Dashboards and Reports: Customize dashboards within the APM tool to display the
most relevant metrics for your applica on. Schedule automated report genera on to provide
stakeholders with regular updates.

· Set Up Automated Remedia on: Some APM tools allow for automated remedia on ac ons
based on performance insights. For example, auto-scaling infrastructure in response to increased
load or restar ng services on performance degrada on.

· API Integra on for Customiza on: If your APM tool provides APIs, leverage them to integrate with
other systems, automate workflows, or extract data for custom analysis.
· Implement Machine Learning and Predic ve Analy cs: Some APM tools incorporate machine
learning and predic ve analy cs. Explore and configure these features to iden fy pa erns,
predict issues, and automate proac ve performance op miza on.
· Regularly Update and Op mize: Periodically review and update your automated monitoring
setup. Ensure that it remains aligned with changes in applica on architecture, business
requirements, and updates to the APM tool.

240
Par cipant Handbook

10.1.10 Sharing Performance Reports

Sharing applica on performance reports is crucial for informed decision-making in web and mobile
development. Here's a brief guide:

· Iden fy Stakeholders: Determine who needs the reports, including managers, developers,
testers, and clients.

· Select Metrics: Choose relevant metrics like response me and error rates.

· Generate Reports: Use monitoring tools to create comprehensive reports with graphs and trends.

· Tailor to Audience: Customize reports for technical and non-technical stakeholders.

· Schedule Regular Updates: Set a schedule for weekly or monthly repor ng to track trends over
me.

· Highlight Findings: Highlight key findings and areas for improvement.

· Provide Context and Recommenda ons: Explain factors influencing metrics and offer
op miza on recommenda ons.

· Encourage Feedback: Foster discussion and feedback to address concerns and ques ons.

· Document Decisions: Record decisions and ac ons taken based on the reports to track
improvements.

10.1.11 Providing Actionable Insights

Re-engineering a web or mobile applica on involves iden fying areas for improvement and proposing
ac onable solu ons. Here's a quick guide on how to provide ac onable insights for re-engineering:

· Evaluate Current State: Assess architecture, codebase, and performance to pinpoint weaknesses.

· Gather User Feedback: Solicit user input to understand needs and pain points.

· Analyze Market Trends: Stay informed about industry trends and compe tor applica ons.

· Priori ze Improvement Areas: Focus on usability, performance, security, and scalability.

· Propose Solu ons: Offer clear recommenda ons for architectural changes and feature
enhancements.

241
 Application Developer-Web & Mobile

· Op mize Usability and Performance: Improve naviga on, streamline workflows, and enhance
applica on speed.

· Address Security Concerns: Mi gate vulnerabili es and implement robust security measures.

· Promote Collabora on and Innova on: Encourage teamwork, experimenta on, and con nuous
improvement.

· Measure Success and Iterate: Define KPIs, monitor progress, and iterate based on feedback and
data.

242
Par cipant Handbook

Exercise
Answer the following ques ons:
Short Ques ons:
1. What are the various types of cloud deployment models?

2. What is APM? List the various APM Tools.

3. What role do scripts play in automa ng the performance monitoring process?
4. How is applica on performance connected to business outcomes?

5. What are the various types of cloud deployment models?

B. Fill in the Blanks
(Hint: private, user experience, performance, metrics, public)
1. In a ________ cloud, cloud services and resources are owned and operated by a third-party
cloud service provider.
2. A ________ cloud is dedicated to a single organiza on, whether hosted on-premises or by a
third-party provider.
3. Applica on Performance Monitoring (APM) involves the monitoring of crucial performance
________ of so ware applica ons
4. KPI stands for Key ________ Indicators.
5. Monitoring the performance of cloud systems is crucial for ensuring reliability, efficiency, and
op mal ________.
5. __________is a structured approach to documen ng, monitoring, and addressing defects or
issues iden fied in so ware applica ons

243
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/Axlv27dXVBw
Applica on Performance Monitoring

244
Par cipant Handbook

245
11. Inclusive and
Environmentally
Sustainable
Workplaces

Unit 11.1 - Sustainable Prac ces in the Workplace

Unit 11.2 - Diversity and Equity Promo on Strategies in
the Workplace

SSC/N9014
Par cipant Handbook

Key Learning Outcomes

At the end of this module, par cipants will be able to:
1. Discuss the sustainable prac ces in the workplace.

2. Explain strategies for respec ng diversity and strengthening prac ces to promote equity and
inclusivity.
3. Demonstrate methods for improving diversity, equality, and inclusion in an environmentally
sustainable workplace.

247
 Application Developer-Web & Mobile

UNIT 11.1: Sustainable Prac ces in the Workplace

Unit Objectives
At the end of this unit, participants will be able to:
1. Describe different approaches for efficient energy resource u lisa on and waste management.
2. Prac ce the segrega on of recyclable, non-recyclable and hazardous waste generated.
3. Demonstrate different methods of energy resource use op miza on and conserva on.

11.1.1 Sustainability
Sustainability is the equilibrium among the environment, equity, and economy. In 1987, the Brundtland
Commission of the United Na ons characterized sustainability as "addressing the requirements of the
current genera on without jeopardizing the capacity of succeeding genera ons to fulfill their own
necessi es."

Sustainability is a concept comprised of three interconnected pillars, each playing a vital role in achieving
a harmonious and balanced system. These three pillars collec vely form the founda on for sustainable
development, ensuring that ac ons and decisions consider the broader impact on our planet and future
genera ons.

Fig.11.1.1 Three Pillars of Sustainability

The pillars of sustainability are:

Ÿ Economy: This pillar emphasizes the importance of economic ac vi es that promote long-term
prosperity without compromising the well-being of current and future genera ons.
Ÿ Society: The social pillar focuses on fostering equity, inclusivity, and social well-being. Sustainable
prac ces in this realm priori ze fair and just socie es, where all individuals have equal access to
resources, opportuni es, and basic needs.
Ÿ Environment: The environmental pillar underscores the necessity of preserving and protec ng the
natural world. Sustainable environmental prac ces aim to minimize nega ve impacts on
ecosystems, biodiversity, and natural resources.

248
Par cipant Handbook

11.1.2 Sustainable Prac ces

Sustainable prac ces at the workplace refer to the adop on of environmentally and socially responsible
strategies and behaviours by organiza ons to ensure long-term viability, minimize nega ve impacts, and
contribute posi vely to the well-being of the environment, society, and the economy.
Components of Sustainable Prac ces at Workplace

• Adop on of energy-efficient technologies.

Energy
• Implementa on of prac ces to reduce energy consump on.
Efficiency:
• Integra on of renewable energy sources.

• Establishment of waste reduc on ini a ves.

Waste Reduc on
• Implementa on of recycling programs for various materials.
and Recycling:
• Proper disposal of hazardous waste.

• Selec on of suppliers based on sustainable prac ces.

Sustainable
• Considera on of the environmental and social impact of products and materials.
Procurement:
• Integration of ethical sourcing in procurement processes.

• Conserva on of water resources through responsible usage.

Environmental
• Preserva on of natural habitats and biodiversity.
Conserva on:
• Implementa on of landscaping prac ces that promote ecological health.

• Fair and ethical treatment of employees.

Social • Promo on of diversity and inclusion in the workplace.
Responsibility: • Community engagement and support for local ini a ves.
• Ensuring health and safety standards for employees.

Green Building • Design and construc on of environmentally friendly buildings.

and • Integration of energy-efficient systems in infrastructure.
Infrastructure: • Implementa on of sustainable landscaping and outdoor spaces.

• Promo on of eco-friendly commu ng op ons for employees.

Sustainable
• Adop on of green transporta on prac ces.
Transporta on:
• Provision of facili es for bicycle commu ng or electric vehicle charging.

Sustainable • Assessment and selec on of suppliers based on sustainability criteria.

Supply Chain • Implementa on of traceability and transparency in the supply chain.
Management: • Efforts to minimize the carbon footprint in logis cs and transporta on.

Employee • Training programs on sustainable prac ces and corporate sustainability goals.
Engagement and
• Encouragement of employee par cipa on in sustainability ini a ves.
Educa on:

• Adherence to environmental and social regula ons.

Regulatory
• Monitoring and repor ng on sustainability performance.
Compliance:
• Con nuous adjustment of prac ces to meet evolving regulatory standards.

Fig. 111.2 Sustainable Prac ces at Workplace

249
 Application Developer-Web & Mobile

7.1.3 Efficient Energy Resource U lisa on

Energy resource u liza on and conserva on refers to the prac ce of efficiently u lizing and preserving
energy sources to minimize waste, reduce environmental impact, and promote sustainability. This
involves adop ng measures and strategies to op mize energy use across various sectors.

Fig.11.1.3 Efficient Energy Resource U lisa on

The different approaches for efficient energy resource u liza on and conserva on are:

1. Advanced Metering Infrastructure (AMI): Advanced Metering Infrastructure (AMI) is a sophis cated
system of smart meters, communica on networks, and data management systems designed to
modernize and enhance the func onality of tradi onal u lity metering. AMI enables the collec on,
analysis, and communica on of detailed energy consump on data in real- me, offering numerous
advantages over conven onal metering systems.

2. Energy Management Systems (EMS): Energy Management Systems (EMS) are comprehensive
so ware and hardware solu ons designed to monitor, control, and op mize energy consump on
within various environments. EMS plays a crucial role in enhancing energy efficiency, reducing costs,
and suppor ng sustainability ini a ves.

3. Energy Audits: Energy audits are systema c assessments of energy usage and efficiency within a
facility, building, or industrial process. The primary goal is to iden fy opportuni es for energy
conserva on, cost savings, and overall improvement in energy performance.

4. Energy-Efficient Ligh ng: Energy-efficient ligh ng refers to the use of ligh ng technologies and
strategies that minimize energy consump on while maintaining or improving the quality of
illumina on. This approach is crucial for reducing electricity costs, enhancing sustainability, and
mi ga ng environmental impacts.

250
Par cipant Handbook

5. Green Building Cer fica ons: Green Building Cer fica ons offer a comprehensive framework to
advocate for environmentally responsible and sustainable prac ces in both the construc on and
opera on of buildings. One prominent cer fica on is LEED (Leadership in Energy and Environmental
Design), se ng the standard for environmentally friendly building design.

6. Combined Heat and Power (CHP) Systems: Combined Heat and Power (CHP) systems, also denoted to
as cogenera on, represent integrated energy systems that produce electricity and valuable thermal
energy from a single fuel source. This approach significantly enhances overall energy efficiency
equated to the separate produc on of electricity and thermal energy.

7. Energy-Efficient HVAC Systems: Energy-efficient Hea ng, Ven la on, and Air Condi oning (HVAC)
systems play a essen al role in eleva ng building sustainability and promo ng energy conserva on.
These systems incorporate advanced technologies and features priori zing energy efficiency,
resul ng in decreased energy consump on and opera onal costs.

11.1.4 Waste Management

Waste management denotes to the collec on, transporta on, treatment, and disposal of waste materials
in a way that protects human health and the environment. In the workplace context, it encompasses
everything from recycling paper to compos ng food scraps to responsibly disposing of electronic
equipment.

Fig. 11.1.4 Waste Disposal

Importance of Waste Management

1. Environmental Conserva on:
Ÿ Reducing waste genera on and promo ng recycling contribute to the conserva on of precious
resources.
Ÿ Minimizing landfill usage helps mi gate environmental degrada on and combat climate change.

251
 Application Developer-Web & Mobile

2. Employee Health and Well-being:

Ÿ A clean and organized work environment, facilitated by effec ve waste management, fosters a
sense of well-being among employees.
Ÿ Proper waste disposal reduces health hazards associated with unmanaged waste, contribu ng to
a healthier workplace.
3. Cost Savings:
Ÿ Implementa on of efficient waste management systems results in significant reduc ons in waste
disposal costs.
Ÿ Recycling programs can poten ally unlock revenue streams, offering financial benefits to
organiza ons.
4. Brand Reputa on:
Ÿ Demonstra ng a commitment to sustainability, including effec ve waste management, enhances
a company's image.
Ÿ A posi ve corporate image a racts eco-conscious clients and employees, bolstering the brand's
reputa on in the market.

11.1.5 Steps to Manage Waste

Waste management denotes to the collec on, transporta on, treatment, and disposal of waste materials
in a way that protects human health and the environment. In the workplace context, it encompasses
everything from recycling paper to compos ng food scraps to responsibly disposing of electronic
equipment.

Fig. 7.1.5 Waste Disposal Process

1. Iden fy Wastes:
The ini al step in effec ve waste management involves a comprehensive iden fica on of the various
types of wastes generated within a given system or organiza on. This process necessitates a thorough
understanding of the waste stream, encompassing both solid and poten ally hazardous materials. By
categorizing and cataloging the different types of wastes produced, organiza ons can establish a
founda onal understanding of the scope and nature of their waste genera on.

Iden fica on also involves iden fying sources, pa erns, and poten al environmental impacts. This
step is cri cal in laying the groundwork for subsequent waste management ac ons, enabling
organiza ons to tailor strategies that address the specific composi on and characteris cs of their
generated wastes.

252
Par cipant Handbook

2. Evaluate Waste:

Once wastes are iden fied, the next step involves a detailed evalua on of their proper es, risks, and
poten al for resource recovery. This evalua on encompasses assessing the composi on of the waste
stream, dis nguishing between recyclable, non-recyclable, and hazardous materials.

Evalua on also involves considering the environmental impact of various waste management
methods. For instance, determining whether incinera on, recycling, or landfill disposal is the most
environmentally sustainable op on involves a comprehensive evalua on of factors such as energy
consump on, emissions, and long-term ecological effects.

Risk assessments associated with hazardous wastes are crucial during this step. Understanding the
poten al harm posed by certain materials guides the implementa on of safe handling and disposal
prac ces.

3. Manage Wastes:

Armed with a thorough understanding of iden fied wastes and their evalua ons, organiza ons can
then implement tailored waste management strategies. This involves the development and
implementa on of systems for waste reduc on, recycling, proper disposal, and, where applicable,
resource recovery.

Waste management strategies may include the establishment of recycling programs, the adop on of
sustainable packaging prac ces, and the implementa on of efficient disposal methods that minimize
environmental impact. Regulatory compliance, adherence to best prac ces, and ongoing monitoring
are integral components of effec ve waste management.

7.1.6 Waste Segrega on

The prac ce of segrega on in waste management is a fundamental and proac ve approach to handling
the diverse array of materials generated in various se ngs. Segrega on involves the systema c
separa on of waste into dis nct categories, primarily focusing on recyclable, non-recyclable, and
hazardous materials.

Fig.111.6 Waste Segrega on

253
 Application Developer-Web & Mobile

1. Recyclable Waste:

Ÿ Recyclable materials, like paper, cardboard, plas cs, glass, and certain metals, are iden fied and
separated at the source of genera on. This requires awareness and educa on among individuals
or within organiza ons to recognize materials that can be recycled.

Ÿ Segrega ng recyclable waste at the point of origin enhances the efficiency of recycling processes.
It streamlines the collec on and processing of materials, facilita ng the recovery of valuable
resources and reducing the environmental effect associated with manufacturing new products.

2. Non-Recyclable Waste:

Ÿ Materials that do not fall into the recyclable category, such as certain types of plas cs,
contaminated items, or non-reusable goods, are iden fied during the segrega on process. These
materials are then appropriately disposed of, o en through landfill or incinera on methods.

Ÿ Segrega ng non-recyclable waste helps prevent contamina on of recyclable streams.

Contamina on can compromise the quality of recyclables and hinder the effec veness of
recycling processes.

3. Hazardous Waste:

Ÿ Recogni on and Special Handling: Hazardous waste, encompassing materials with poten al risks
to human health or the environment, requires special a en on. Segrega on involves recognizing
items such as ba eries, electronic waste, chemicals, and medical waste that fall into this category.

Ÿ Safe Disposal Protocols: Proper segrega on ensures that hazardous waste is handled and
disposed of according to regulatory guidelines. This mi gates the poten al for environmental
pollu on and minimizes health risks associated with improper disposal of hazardous materials.

11.1.7 Types of Recyclable Waste

1. Dry Waste

Ÿ Dry waste includes items that are not wet or soiled, making them suitable for recycling. Examples
of Dry Waste are: Paper, cardboard, plas cs, glass, and metals.

Ÿ Dry waste is collected, sorted, and sent to recycling facili es where materials like paper, plas cs,
glass, and metals undergo processing for reuse in manufacturing.

2. Wet Waste

Ÿ Wet waste consists of organic materials that can decompose, such as food scraps and soiled
items. Examples of Wet Waste are Food waste, soiled paper, and yard waste fall.

Ÿ Wet waste is typically processed through compos ng, conver ng organic ma er into nutrient-
rich compost for agricultural use.

254
Par cipant Handbook

Fig.11.1.7 Types of Recyclable Waste

3. Sanitary Waste:

Ÿ Sanitary waste includes items origina ng solely from humans and human ac vi es, poten ally
including medical waste. Examples of sanitary waste are Diapers, sanitary napkins, and certain
medical waste items.

Ÿ Due to poten al health risks, sanitary waste may require specialized disposal methods, especially
when medical waste is involved.

4. E-Waste (Electronic Waste):

Ÿ E-Waste comprises discarded electronic devices and equipment. Examples: Computers, laptops,
mobile phones, and other electronic gadgets are considered e-waste.

Ÿ E-waste recycling includes the recapture of valuable materials (metals, plas cs) and proper
disposal of hazardous components. Specialized facili es are equipped to handle e-waste recycling.

255
 Application Developer-Web & Mobile

Notes

Scan the QR Code to watch the related videos

h ps://www.youtube.com/wat
ch?v=-0zQV8F03Og
Sustainable Prac ces

256
Par cipant Handbook

UNIT 11.2: Diversity and Equity Promo on Strategies in the Workplace

Unit Objectives
By the end of this unit, participants will be able to:
1. Describe the importance of following the diversity policies.
2. Iden fy stereotypes and prejudices associated with people with disabili es and the nega ve
consequences of prejudice and stereotypes.
3. Discuss the importance of promo ng, sharing and implemen ng gender equality and PwD sensi vity
guidelines at organiza on level.
4. Demonstrate essen al communica on methods in line with gender inclusiveness and PwD sensi vity.

11.2.1 Diversity
"Diversity" denotes to the presence of an extensive range of human characteris cs, a ributes, and
perspec ves within a group, organiza on, or community.
Diversity is considered a strength in various se ngs, as it can lead to increased crea vity, be er problem-
solving, and a more dynamic and adaptable organiza on or community. Organiza ons that priori ze
diversity o en aim to generate a culture where individuals feel empowered to contribute their unique
perspec ves and talents.
Key concepts related to diversity include:
Ÿ Inclusion: Nurturing an environment where everybody feels valued, respected, and included.
Ÿ Equity: Ensuring fairness and impar ality, addressing systemic barriers, and providing resources
based on individual needs.
Ÿ Representa on: Ensuring that diverse voices are heard and represented at all levels of an
organiza on.
Characteris cs of Diversity:

Demographic Diversity: Cogni ve Diversity: Experience and Background

• Age • Different ways of thinking Diversity:
• Gender • Varied problem-solving • Educa onal background
• Race and ethnicity approaches • Professional experience
• Sexual orienta on • Diverse perspec ves on • Socioeconomic background
• Na onality issues
• Disability status

Cultural Diversity: Diversity of Abili es: Diversity of Thoughts and

• Cultural prac ces • Physical abili es Ideas:
• Language • Cogni ve abili es • Varied opinions
• Religious beliefs • Emo onal intelligence • Crea ve thinking
• Innova on

Fig. 11.2.1 Characteris cs of Diversity

257
 Application Developer-Web & Mobile

Diversity Policies
Following diversity policies is crucial for fostering an inclusive and equitable work environment. Key
reasons why adhering to diversity policies is important:
1. Inclusivity: Diversity policies create an inclusive workplace, fostering a sense of belonging among
employees.

2. Crea vity and Innova on: Diverse teams bring different perspec ves, enhancing crea vity and
innova on.

3. Talent A rac on and Reten on: Diversity a racts a broad range of talent, making organiza ons
more appealing and improving reten on rates.
4. Global Market Awareness: Diverse teams can be er understand and cater to the needs of diverse
markets, enhancing business performance.
5. Legal and Ethical Compliance: Following diversity policies ensures legal compliance and demonstrates
commitment to ethical business prac ces.

6. Elimina on of Discrimina on: Diversity policies work to eliminate discrimina on and bias, fostering
a fair and just workplace.

7. Improved Decision-Making: Diverse teams contribute varied viewpoints, leading to more well-
rounded and informed decision-making.

8. Enhanced Reputa on: Companies that priori ze diversity enjoy a posi ve reputa on, building trust
and loyalty among customers and clients.
9. Employee Engagement: Valuing diversity encourages employee engagement, posi vely impac ng
produc vity and job sa sfac on.
10. Long-Term Sustainability: Embracing diversity is a strategic business impera ve for long-term
organiza onal sustainability.

11.2.2 Gender Equality

In Indian legisla on, gender is delineated as the individual a ributes and traits linked to being masculine,
feminine, or transgender. The Indian authori es acknowledge three gender categories—male, female,
and transgender—according to the Transgender Persons (Protec on of Rights) Act, 2019, enacted by the
Parliament of India in November 2019.
Gender parity denotes the principle that every individual, irrespec ve of their gender, should enjoy
equivalent opportuni es and en tlements across all facets of life, encompassing educa on,
employment, poli cal engagement, and accessibility to healthcare and other public ameni es. It signifies
that no individual should face discrimina on or disadvantages based on their gender.

258
Par cipant Handbook

Fig. 11.2.2 Gender Equality at Workplace

11.2.3 Gender-Inclusive Work Environment

In an all gender-inclusive culture, all employees, regardless of their gender iden ty (male, female, or,
transgender)), feel appreciated and supported. Apart from crea ng a sense of belonging, gender-
inclusive workplace culture can elevate previously unheard perspec ves and recognise various
experiences, fostering an environment of genuine respect and trust. This type of atmosphere not only
draws a broader range of applicants but also provides all of the necessary structural support for them to
succeed.

Fig.11.2.3 Gender Inclusivity

259
 Application Developer-Web & Mobile

The importance of a gender-inclusive workplace can be ascertained from the following benefits:

Ÿ By ensuring that the team has a healthy mix of female, male, transgender, and non-binary employees,
the organisa on can benefit from their diverse views and improve the team's crea vity and
innova on.

Ÿ By emphasising the importance of having an inclusive culture, businesses can raise employee morale
and increase opportuni es, which will lead to higher employee reten on rates and save me and
money in the long term.

Ÿ Organiza ons will be able to connect effec vely with customers and increase their understanding of
what they need if their workforce base represents their customers, bringing together a range of
genders, backgrounds, and races.
Ÿ An inclusive culture can be a major a rac on when it comes to recrui ng new employees. When a
company develops a reputa on for having a diverse workforce, it has a tremendous recrui ng tool at
its disposal.

11.2.4 Gender Sensi vity Rules and Regula ons

Ÿ Preven on of Sexual Harassment: Employers are required to establish and implement policies and
procedures to inhibit and address sexual harassment in the workplace. These policies should be
communicated to all employees and include measures for repor ng and inves ga ng complaints.

Ÿ Equal Opportuni es: Employers should ensure that all employees, regardless of gender, have equal
opportuni es for hiring, promo on, training, and development.

Ÿ Gender-Neutral Language: Employers should use gender-neutral language in all communica ons,
including job descrip ons, forms, and company policies, to avoid gender-based discrimina on.

Ÿ Inclusive Workplace: Employers should create an inclusive work environment that accommodates
individuals of all genders, including those who iden fy as non-binary or do not conform to tradi onal
gender norms.

Ÿ Maternity and Paternity Leave: Employers should provide maternity and paternity leave to support
employees who are star ng or expanding their families.

Ÿ Sensi za on and Training: Employers should provide regular sensi za on and training to employees
on gender sensi vity, diversity, and inclusion in the workplace.

Ÿ Non-Discrimina on: Employers ought not to engage in discrimina on against employees on the
grounds of their gender iden ty or expression. They should proac vely address and counteract any
instances of discrimina on or harassment rooted in gender that may arise within the workplace.

260
Par cipant Handbook

11.2.5 Inclusion of Person with Disability in the Workplace

In India, the Persons with Disabili es Act (PwD) mandates that organisa ons provide differently-abled
individuals with equal opportuni es and a non-discriminatory atmosphere, as well as facili es that will
enable them to func on at their best under the condi ons.

The following are the 6 ini a ves that should be taken by the organiza on to become more inclusive:

Fig. 11.2.4 PwD Inclusivity at Workplace

1. Create safe spaces: Create employee support groups (ESGs) to encourage and empower all
employees in the company. They contribute to the development of the community by providing
safe areas for individuals to share and get to know one another. ESGs aim to improve employee
experience while also boos ng mental wellness.
2. Examine the resources: Take some me to review the company's wri ng, website, and marke ng
materials with a fresh perspec ve. Even if the message is clear, be alert for wording that may
exclude people. Avoid using terms like "physically challenged," "differently-abled," or "special
needs" to describe people with impairments. When describing persons without disabili es,
never use the adjec ve "normal."
3. Hire a professional: Organisa on should hire people for their skills, irrespec ve of their physical
challenges. They should hire a person with a disability if they are fulfilling the demands of the job
role.
4. Speak with the employees: Persons with disabili es should be included in the decision-making
process of the organisa on, whether or not it directly affects them. It may also cause irrita on
when the organiza on adopts well-inten oned improvements that no one requires. It is cri cal to
include people with impairments in decision-making processes.
5. Promote diversity on all levels: Hiring people with disability should be done across all levels of
the organisa on. Companies must look below the surface to create a varied environment. There
are various kinds of diversity. Physical and mental ability, educa onal and economic background,
neurodiversity, and immigra on status are only a few examples. Recognize that these people
aren't merely " cking boxes."
6. Be transparent: Companies and their leaders must demonstrate that crea ng a more inclusive
atmosphere is a priority, not a project. One should allow their managers and staff to be open and
honest about their problems, errors, victories, and even limita ons. The idea is to create a

261
 Application Developer-Web & Mobile

The advantages of having an inclusive workplace:

Ÿ Access to talent: Organisa ons can access an undiscovered source of talent by focusing on abili es
rather than assump ons.

Ÿ Increased innova on: Employees with varying levels of experience approach issue resolu on in
different ways.

Ÿ Increased reten on and engagement: Employees who feel valued and included are more loyal and
enthusias c.

Ÿ Be er reputa on: Customers value businesses that demonstrate a genuine commitment to diversity
and inclusion.

Ÿ Benefits for everyone: An inclusive workplace helps everyone, not just people with disabili es.

11.2.6 Types of Disabili es

There are various types of disabili es, including:

1. Physical disabili es: These are disabili es that affect a person's physical ability to perform tasks.
Physical disabili es can be caused by congenital condi ons, injuries, or illnesses. Examples of physical
disabili es include mobility impairments, amputa ons, paralysis, and chronic pain. Physical
disabili es can limit a person's ability to perform ac vi es of daily living, such as bathing, dressing, or
cooking. Assis ve devices and technologies, such as wheelchairs, prosthe c limbs, and mobility aids,
can help people with physical disabili es to perform these tasks and live independently.

Fig. 11.2.5 Types of Disabili es

262
Par cipant Handbook

2. Mental disabili es: These are disabili es that affect a person's mental func oning. Mental disabili es
can include mental illnesses, such as depression, anxiety, bipolar disorder, or schizophrenia. Mental
disabili es can also include cogni ve impairments, such as memory loss, a en on deficits, or learning
disabili es. Mental disabili es can limit a person's ability to concentrate, communicate, or engage in
social interac ons. Treatment and support services, such as counselling, medica on, and therapy, can
help people with mental disabili es to cope their symptoms and improve their quality of life.

3. Intellectual disabili es: These are disabili es that affect a person's cogni ve abili es. Intellectual
disabili es can be caused by gene c condi ons, brain damage, or other factors. Intellectual disabili es
can result in difficul es with reasoning, problem-solving, and understanding complex concepts.
Intellectual disabili es can also affect a person's ability to communicate efficiently and involve in social
interac ons. Special educa on and support services, such as individualized instruc on and behavioral
therapies, can help people with intellectual disabili es to develop their cogni ve and social skills and
achieve their full poten al.

4. Sensory impairments: These are disabili es that affect a person's senses. Sensory impairments can
include hearing loss, vision impairment, or tac le sensi vity. Sensory impairments can limit a person's
ability to communicate, navigate their environment, or access informa on. Assis ve technologies,
such as hearing aids, Braille displays, and screen readers, can help people with sensory impairments to
overcome these limita ons and par cipate fully in society.

11.2.7 Rights of Persons with Disabili es

The Rights of Persons with Disabili es Act came into force on 19 April 2017. Further, the Rules were
no fied on June 15, 2017. The new Act replaces the Persons with Disabili es Act, 1995. The new Act
implements India’s obliga ons under the United Na ons Conven on on the Rights of Persons with
Disabili es, which was ra fied in 2007. It has taken the Indian Parliament more than a decade to pass this
legisla on.

Fig. 11.2.5 Rights of Persons with Disabili es Act, 2016

263
 Application Developer-Web & Mobile

Key compliances under the Disabili es Act:

Although the majority of the Act's requirements apply only to government facili es, private businesses
are also subject to the Act's provisions and must comply with the following:

Ÿ Create and post an Equal Opportunity Policy on the establishment's website or in a prominent
loca on within the premises. The policy must provide informa on about the perks and
accommoda ons available to disabled employees. The State Commissioner must also be given a copy
of the Policy.

Ÿ Employers with more than 20 employees must appoint a Liaison Officer to manage the recruitment of
disabled people and the par cular accommoda ons that must be provided for them.

Ÿ Establishments are required to iden fy job openings that are suitable for disabled people. In the case
of businesses that receive government subsidies, a minimum of 5% of job openings must be
designated for people with disabili es.

Ÿ In the workplace, the employer must ensure that illegi mate discrimina on against disabled people
is prohibited.
Ÿ To improve impaired employees' accessibility, the employer must provide addi onal facili es or
special advantages, such as special leave and training programmes.
Ÿ The government has published accessibility standards for disabled people, which must be followed
by all businesses. The accessibility standards apply to workplace infrastructure and communica on
technologies, both of which must be accessible to people with disabili es.
Ÿ Every organisa on must keep track of its disabled personnel.

11.2.8 Stereotypes and Prejudices Associated with People with

Disabili es
Ÿ Assump on of Dependency: Many people wrongly assume that individuals with disabili es are
en rely dependent on others for daily ac vi es and decision-making.

Ÿ Pity and Sympathy: Individuals with disabili es are some mes subjected to pity or sympathy,
perpetua ng the stereotype that their lives are inherently less fulfilling.
Ÿ Limited Capabili es: Stereotypes o en portray people with disabili es as having limited abili es,
overlooking their diverse talents, skills, and poten al.
Ÿ Invisibility of Abili es: Some stereotypes focus solely on the disability, overshadowing the individual's
other capabili es and talents.

Ÿ Assump ons about Intelligence: There can be misconcep ons about the intelligence of individuals
with certain disabili es, leading to underes ma on of their cogni ve abili es.

Ÿ Overgeneraliza on: People with disabili es are some mes unfairly generalized, assuming that all
individuals with a par cular disability share the same characteris cs.

264
Par cipant Handbook

Ÿ S gma za on: Certain disabili es may carry social s gmas, leading to nega ve percep ons and
biased a tudes towards individuals with those disabili es.

Nega ve Consequences of Prejudice and Stereotypes:

Ÿ Social Exclusion: Prejudice and stereotypes contribute to social exclusion, limi ng opportuni es for
individuals with disabili es to fully par cipate in various aspects of life.
Ÿ Limited Opportuni es: Discriminatory a tudes can result in limited educa onal and employment
opportuni es, hindering personal and professional development.
Ÿ Psychological Impact: Individuals with disabili es may internalize nega ve stereotypes, leading to
lower self-esteem and mental health issues.

Ÿ Barriers to Inclusion: Prejudice can create barriers to inclusive environments, hindering the
development of diverse and collabora ve communi es.

Ÿ Underes ma on of Abili es: Stereotypes may lead to underes ma on of the skills and poten al of
individuals with disabili es, affec ng their ability to contribute effec vely.

Ÿ Unequal Treatment: Prejudice can result in unequal treatment, with individuals facing
discrimina on in various aspects of life, including healthcare, housing, and social interac ons.
Ÿ Lack of Accessibility: Nega ve a tudes may contribute to a lack of accessibility in public spaces,
making it difficult for individuals with disabili es to navigate their surroundings independently.
Ÿ Impact on Mental Health: The constant experience of prejudice and stereotyping can contribute to
stress, anxiety, and other mental health challenges for individuals with disabili es.

11.2.9 Gender Equality and PwD Sensi vity Guidelines

Promo ng, sharing, and implemen ng gender equality and Persons with Disabili es (PwD) sensi vity
guidelines at the organiza onal level is crucial for fostering an inclusive and respec ul workplace. Here
are key reasons why this is important:
Ÿ Inclusive Work Environment: Guidelines for gender equality and PwD sensi vity contribute to
crea ng an inclusive workplace where all employees sense valued, respected, and treated equitably.
Ÿ Diverse Perspec ves and Innova on: Embracing diversity, including gender and disability, brings a
variety of perspec ves to the table. This diversity fosters crea vity and innova on as employees with
different backgrounds and experiences contribute unique insights.
Ÿ Talent A rac on and Reten on: Organiza ons that priori ze and demonstrate commitment to
gender equality and PwD sensi vity are more a rac ve to a diverse talent pool. Such organiza ons
also tend to retain employees be er as individuals feel appreciated and supported.

Ÿ Legal Compliance: Following guidelines for gender equality and PwD sensi vity ensures compliance
with relevant laws and regula ons. This reduces the risk of legal issues and demonstrates the
organiza on's commitment to ethical prac ces.

265
 Application Developer-Web & Mobile

Ÿ Enhanced Reputa on: Organiza ons that ac vely promote equality and sensi vity build a posi ve
reputa on. This can enhance the organiza on's brand image and a ract customers, clients, and
partners who value social responsibility.
Ÿ Improved Employee Morale: Guidelines promo ng equality contribute to a posi ve organiza onal
culture, leading to higher employee morale. When employees feel that their workplace is fair and
inclusive, job sa sfac on and overall well-being are likely to improve.
Ÿ Produc vity and Performance: Inclusive environments tend to foster greater collabora on and
teamwork, posi vely impac ng produc vity and overall organiza onal performance. Employees are
more likely to work cohesively when they feel respected and included.

Ÿ Reduced Stereotyping and Bias: Guidelines can help challenge and overcome gender stereotypes
and biases, as well as those related to individuals with disabili es. This fosters a culture of fairness
and equal opportuni es.

11.2.10 Communica on
Ensuring gender inclusiveness and sensi vity toward Persons with Disabili es (PwD) in communica on is
essen al for fostering a respec ul and inclusive environment. Here are some communica on methods
aligned with these principles:

1. Inclusive Language:
Ÿ Avoid Gendered Language: Use gender-neutral language whenever possible to be inclusive of all
genders. Instead of using "he" or "she," opt for gender-neutral pronouns like "they" or rephrase
sentences to eliminate gender-specific terms.
Ÿ Accessible Language: Ensure that communica on is accessible to everyone, including individuals
with disabili es, by using plain language and avoiding jargon.
2. Diverse Representa on:

Ÿ Visuals and Imagery: Incorporate diverse images and visuals in communica on materials,
reflec ng a range of genders, ethnici es, and abili es.

Ÿ Speaker Representa on: Ensure diverse representa on in speaking roles during mee ngs,
presenta ons, and events to promote a variety of perspec ves.
3. Accessibility Considera ons:
Ÿ Accessible Formats: Provide informa on in mul ple formats (e.g., text, audio, and video) to
accommodate diverse learning preferences and accessibility needs.

Ÿ Cap oning and Transcripts: Include cap ons for videos and provide transcripts for audio
content to ensure that individuals with hearing impairments can access the informa on.

266
Par cipant Handbook

4. Inclusive Policies and Prac ces:

Ÿ Clearly Communicate Inclusive Policies: Clearly communicate organiza onal policies related to
gender inclusiveness and disability sensi vity. Ensure that employees are aware of the support
available to them.
Ÿ Flexible Communica on Channels: Recognize that individuals may have different communica on
preferences. Offer flexibility in communica on channels, such as wri en, verbal, or virtual
pla orms.
5. Empathy and Sensi vity:

Ÿ Use Inclusive Language: Be mindful of the language used when discussing gender-related topics
and disability. Avoid s gma zing or derogatory terms, and use person-first language for disabili es
(e.g., "person with a disability" instead of "disabled person").

Ÿ Ac ve Listening: Prac ce ac ve listening to understand the perspec ves and needs of others,
especially when discussing issues related to gender and disabili es.

267
 Application Developer-Web & Mobile

Exercise
A. Short Answer Ques ons
1. What are some different approaches for efficient u liza on of energy resources?

2. Explain the importance of prac cing the segrega on of recyclable, non-recyclable, and
hazardous waste.

3. List the examples of recyclable, non-recyclable, and hazardous waste.

4. What are the poten al nega ve outcomes of neglec ng gender inclusiveness and PwD
sensi vity at the organiza onal level?
5. In what ways can organiza ons ac vely combat stereotypes associated with people with
disabili es and foster a more inclusive environment?
B. Fill in the Blanks

Hints: Diversity, Economy, 19 April 2017, Energy resource u liza on, Energy)
1. The three pillars of sustainability are:___________ , Society and Environment.
2. EMS stands for _________ Management Systems.

3. ____________________________________ and conserva on refers to the prac ce of

efficiently u lizing and preserving energy sources.

4. __________ refers to the presence of a wide range of human characteris cs, a ributes, and
perspec ves within a group, organiza on, or community.
5. The Rights of Persons with Disabili es Act came into force on ______________.
C. State whether True or False.

1. Transgender Persons (Protec on of Rights) Act was passed by the Parliament of India in
November 2009.

2. Green Building Cer fica ons provide a cer ficates for pain ng the building green.
3. Mental disability is a type of disability.

4. Prejudice and stereotypes contribute to social exclusion

5. LEED stands for Leadership in Energy and Environmental Design.

268
Par cipant Handbook

Notes

269
 Application Developer-Web & Mobile

270
12. Employability Skills
(60 Hours)
It is recommended that all training include the appropriate.
Employability Skills Module. Content for the same can be
accessed
h ps://www.skillindiadigital.gov.in/content/list

DGT/VSQ/N0102
Par cipant Handbook

272
13. Front-end Web
Development
(Elective – 1)

Unit 13.1 - Front-end Web Development (SSC/N8414)

SSC/N8414
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:

1. Comprehend the scope of any applica on

2. Discuss what are func onal and non-func onal requirements

3. Discuss what are user- experience requirements

4. Explain the front-end components of any web applica on – HTML, CSS and JavaScript

5. Exhibit essen al components of a web page (such as header, menu, footer etc.)
6. Demonstrate how to build sta c web pages using HTML and CSS
7. Demonstrate how to construct interac ve web pages using JavaScript

8. Demonstrate how to develop responsive web- sites that can adjust to any screen size
9. Demonstrate how to create single page websites using standard web frameworks (such as Angular,
Ember etc.)

10. Demonstrate how to build re-usable web UI components

11. Build prototypes using standards web builder tools
12. Discuss common security controls implemented to secure a web-site

13. Build test cases to check the web applica on for bugs before launch

14. Run unit tests on different modules of the web site

15. Demonstrate how to automate tes ng using standard tools (such as selenium, Appium etc.)

274
 Application Developer-Web & Mobile

Unit 13.1: Front-end Web Development

Unit Objectives
At the end of this unit, you will be able to:
1. Comprehend the scope of any applica on

2. Discuss what are func onal and non-func onal requirements

3. Discuss what are user- experience requirements

4. Explain the front-end components of any web applica on – HTML, CSS and JavaScript

5. Exhibit essen al components of a web page (such as header, menu, footer etc.)

6. Demonstrate how to build sta c web pages using HTML and CSS
7. Demonstrate how to construct interac ve web pages using JavaScript

8. Demonstrate how to develop responsive web- sites that can adjust to any screen size

9. Demonstrate how to create single page websites using standard web frameworks (such as Angular,
Ember etc.)
10. Demonstrate how to build re-usable web UI components

11. Build prototypes using standards web builder tools

12. Discuss common security controls implemented to secure a web-site
13. Build test cases to check the web applica on for bugs before launch

14. Run unit tests on different modules of the web site

15. Demonstrate how to automate tes ng using standard tools (such as selenium, Appium etc.)

13.1.1 Scope of Work

What does the term "Scope of Work" mean?

A Scope of Work (SOW) refers to the delinea on of tasks to be carried out under a contract or subcontract
within the framework of a project. It typically outlines specific assignments with associated deadlines.
When we men on a "Scope of Work," we are usually referring to the document that precisely defines this
division of labor.
A common challenge in project life cycles is the emergence of dispari es between the agency and the
client regarding:

· What tasks need to be accomplished.

· The methodology to be employed.

275
Par cipant Handbook

· The an cipated dura on for task comple on.

These discrepancies can lead to confusion and result in delivery delays or, in more severe cases, the
termina on of the project and poten al legal ramifica ons. The SOW plays a crucial role by specifying
milestones, reports, deliverables, and final products expected from the execu ng party. Timelines for
these deliverables are of utmost importance, and a highly detailed SOW is generally preferred for clarity
and precision.

Figure 193.1.1 Project scope development

Scope of Web/Mobile Applica on Development

When comprehending the scope of web app development, it is important to recognize the mul faceted
nature of the process. The scope encompasses various elements such as design, coding, and the intended
usage of the web applica on. Here's a detailed elabora on on the scope of web app development:
1. Design and Coding

· Web app development involves the crea on and implementa on of designs for websites and
web applica ons.
· It encompasses the coding process using technologies such as HTML5, CSS3, JavaScript, AJAX,
and JSON to bring the designs to life.
· The scope extends to crea ng visually appealing and func onal interfaces that cater to both
desktop and mobile devices.

2. Intended Usage

· Web app development can cater to a wide range of purposes, including personal use,
commercial applica ons, and integra on within IT departments for various organiza onal
needs.

276
 Application Developer-Web & Mobile

· The scope encompasses the development of web applica ons tailored for specific purposes,
such as e-commerce, social networking, content management, and more.

3. Cross-Device Compa bility

· The scope includes ensuring that web applica ons are designed to run seamlessly on both
desktop and mobile devices.

· Considera ons for responsive design and cross-device compa bility are integral parts of the
scope of web app development.

4. Technology Stack
· The u liza on of web-based technologies like HTML5, CSS3, and JavaScript forms a crucial part
of the scope, emphasizing the need for developers to stay updated with the latest
advancements in these areas.

5. User-Centric Approach
· The scope extends to the process of designing web applica ons with a focus on user
experience, ensuring that the end product is intui ve, engaging, and meets the needs of its
intended audience.
In summary, the scope of web app development is broad and encompasses the en re process of
conceptualizing, designing, and implemen ng web applica ons and websites, taking into account both
technical and user-oriented considera ons.

13.1.2 Functional and Non-Functional Requirement

Solu on requirements are the blueprint for success. They detail the essen al characteris cs your product
must possess to sa sfy the needs of both stakeholders and the business itself. These crucial guidelines fall
into two key categories:

Figure 13.1.2 Func onal & Non – Func onal requirements

277
Par cipant Handbook

1. Func onal Requirements:

Think of func onal requirements as the "what" of your product. They define the core features and
func onali es, the very ac ons and outcomes that make your app ck.

Imagine your app as a magic lamp. Func onal requirements are the wishes you whisper to the genie,
the essen al tasks it must perform to grant your desires. Without them, your app wouldn't func on,
wouldn't fulfill its purpose.

These are non-nego ables. They represent the must-haves in your development contract, clearly
documented and agreed upon before the first line of code is wri en. They serve as the input your
system needs to process and deliver the desired output to users.

Examples of func onal requirements:

· Login and authen ca on: Secure access for authorized users.

· Core business logic: The heart of your app's func onality, like processing orders for an e-
commerce pla orm.
· Transac ons and checkouts: Seamless buying experiences with proper payment handling.

· Authoriza on levels: Defining who can access and modify informa on.

· Historical data management: Storing and retrieving past data for informed decision-making.
2. Non-func onal requirements (NFRs)

They are the secret sauce that elevates an app from merely func onal to truly deligh ul. They define
the "how" of your app's performance, shaping the user experience and ensuring a smooth, enjoyable
journey.

Think of them as the ambiance of a restaurant. While the food (func onal requirements) might be
delicious, it's the ambiance—the ligh ng, music, and a en ve service—that creates a memorable
dining experience.

Key characteris cs of NFRs:

· Non-behavioral: They don't specify specific ac ons, but rather the overall quality of those
ac ons.

· Priori zed: Not all NFRs are equal. Some, like security and performance, are o en considered
essen al, while others might be more flexible based on project constraints.

Common examples of NFRs:

· Loading speed: Like a skilled magician, your app should delight users with its swi ness, not test
their pa ence.
· Server response me: Keep those conversa ons flowing seamlessly, ensuring your app and

278
 Application Developer-Web & Mobile

servers communicate efficiently.

· User response me: Every tap and interac on should feel responsive, fostering a sense of
control and sa sfac on.

· Data consump on limits: Be mindful of data appe tes, especially for those on limited plans.

Here's an example to illustrate:

Func onal requirements of a food ordering app:

· Display nearby restaurants

· Show menus
· Process orders and payments

Non-func onal requirements of the same app:

· Refresh restaurant lis ngs every 5 minutes (keeping those op ons fresh!)
· Load menus within 10 seconds (no wai ng for that mouthwatering decision)

· Send order confirma ons within 2 seconds (instant gra fica on, anyone?)

While func onal requirements lay the founda on, NFRs add the magic that keeps users coming back for
more. Imagine wai ng 30 seconds for that sushi list to load—even if it eventually appears, the frustra on
might have already driven your users elsewhere.

The key to a successful app is striking a harmonious balance between func onal and non-func onal
requirements. This ensures a fulfilling user experience while respec ng project constraints. Remember,
NFRs are like the spices in your culinary masterpiece—use them wisely to create an app that truly
sa sfies!

279
Par cipant Handbook

13.13 User - Experience Requirements

User experience (UX) requirements are a crucial yet some mes nebulous category in designing and
developing successful products. They're all about understanding and catering to the user's perspec ve
and journey when using your product or service. Let's delve into what they are and why they ma er:

What are UX Requirements?

Think of UX requirements as the roadmap to crea ng a smooth, intui ve, and deligh ul experience for
your users. They focus on the "how" and "why" behind user interac ons, encompassing aspects like:

· Usability: How easy is it for users to navigate the product and achieve their goals?
· Accessibility: Can users with different abili es or limita ons comfortably use the product?
· Engagement: Does the product cap vate users and keep them coming back for more?

· Emo onality: How does the product make users feel? Does it evoke frustra on, confusion, or joy?
· Aesthe cs: Is the product visually appealing and pleasing to use?
Why are UX Requirements Important?

Priori zing UX requirements leads to numerous benefits:

· Increased user sa sfac on and loyalty: Happy users become repeat customers and brand
advocates.

· Improved product adop on and usage: An effortless experience encourages users to explore and
maximize the product's poten al.
· Reduced support costs: Fewer usability issues mean less me and resources spent on
troubleshoo ng.

· Enhanced brand reputa on: A posi ve user experience becomes a powerful marke ng tool.
· Compe ve advantage: Standing out in the market with a user-centric approach.
Examples of UX Requirements:

· Here are some specific examples of UX requirements for different types of products:
· E-commerce website: Simple and intui ve search and checkout process, personalized product
recommenda ons, clear product informa on.

· Mobile app: Smooth naviga on, responsive gestures, accessible fonts and layouts, offline
func onality (if relevant).
· So ware applica on: Clearly labeled bu ons and menus, helpful error messages, customizable
se ngs, keyboard shortcuts.

Gathering and Refining UX Requirements:

Defining UX requirements effec vely involves user research techniques like:
· User interviews and surveys: Understand user needs, pain points, and expecta ons.

· Usability tes ng: Observe users interac ng with the product to iden fy fric on points.

280
 Application Developer-Web & Mobile

· A/B tes ng: Compare different design elements and features to see what resonates with users.
By incorpora ng these diverse perspec ves, you can refine your UX requirements to create a product that
truly shines in the eyes of your users.

Remember, UX requirements are an ongoing process, not a one- me checklist. Con nuously listen to user
feedback and adapt your product to evolve with their needs and expecta ons. By embracing the user-
centric approach, you'll cra products that not only work, but leave a las ng, posi ve impression.

13.1.4 Front-End Components of any Web Application –

HTML, CSS and JavaScript
1. HTML (HyperText Markup Language):

HTML (HyperText Markup Language) stands as the founda onal programming language for web
development. It encompasses fundamental components of a website, inc luding text, headings, and
paragraphs.

Comprising a series of predefined tags, HTML signifies diverse func ons, effec vely "transla ng" into
coherent informa on displayed on the screen. These tags consistently appear enclosed within angle
brackets.

· Acts as the backbone of web pages, defining their structure and content.
· Consists of elements (e.g., <header>, <p>, <img>) that create a hierarchy of content.

· Example: <h1>Welcome to my website! </h1> displays a heading.

2. CSS (Cascading Style Sheets):

CSS (Cascading Style Sheets) is a style sheet that describes how HTML components appear on a page.
CSS is used to manage your website's appearance, style, and forma ng, including RGB values, border
colors, background pictures, and more. CSS files specify a set of rules for defining a set of proper es
and their values.
· Styles the appearance of web pages, controlling layout, colors, fonts, and more.
· Can be applied directly to HTML elements or linked to separate stylesheets.

· Example: h1 {color: blue; } sets the color of all h1 headings to blue.

3. JavaScript:
JavaScript serves as a scrip ng language enabling you to govern your website's func onality. If you're
dedicated to web programming, ini a ng your journey with mastering the essen als of JavaScript is
essen al. As one of the most extensively employed programming languages globally, JavaScript offers
a user-friendly entry point and yields immediate results con ngent on the success of your code.

281
Par cipant Handbook

Through the manipula on of various HTML and CSS elements, JavaScript enhances web page
interac vity. Ac ons such as clicking a bu on, scrolling to the bo om of a page, or viewing images in a
dynamic carousel become achievable through the u liza on of JavaScript.
· Adds interac vity and dynamic behavior to web pages.

· Can manipulate HTML content, respond to user ac ons, and make web pages more responsive.

· Example: alert("Hello, world!"); displays a pop-up message.

How they work together:
· HTML forms the founda on: It creates the basic structure of the page and defines the content.

· CSS applies the visual style: It dictates the visual appearance, making the page look appealing and
organized.
· JavaScript brings the page to life: It adds interac ve elements, engaging features, and dynamic
updates, making the page more responsive and user-friendly.

13.1.5 Basic Components of a Web Page

Basic Parts of a Webpage
· Header or Banner: Posi oned at the top of a webpage, it may consist of the company logo, a tle,
and occasionally a search box. The header remains consistent across all pages on a website.

· Naviga on Bar: Typically located below the Header/Banner, the Naviga on Bar enables users to
easily access other pages on the website, regardless of the page they are currently on.
· Sidebar: Offers addi onal content, naviga on op ons, or displays ads. Note that not all webpages
incorporate sidebars.

· Content: The central sec on of a website dedicated to providing value. Website content can
include text, video, images, or a combina on of these elements.
· Footer: Found at the bo om of the page, the footer typically contains links to contact informa on,
company address, company details, terms of service, and social media links.

Figure 13.1.3 Basic component of web page

282
 Application Developer-Web & Mobile

13.1.6 Building Static Web Pages Using HTML and CSS

A sta c website or webpage comprises elements such as text, images, and mul media, all presen ng
marked-up content cra ed with HyperText Markup Language (HTML) and hosted on a web server.

Figure 13.1.4 Browser Displaying a Sta c Site

Create a Website from Scratch

A "Layout Dra "

It can be wise to draw a layout dra of the page design before crea ng a website:

First Step - Basic HTML Page

HTML is the standard markup language for crea ng websites and CSS is the language that describes the
style of an HTML document. Let's use HTML and CSS to create a basic web page.

Figure 13.1.5 layout plan for a web page

283
Par cipant Handbook

Example
<!DOCTYPE html>
<html lang="en">
<head>
< tle>Page Title</ tle>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, ini al-scale=1">
<style>
body {
font-family: Arial, Helve ca, sans-serif;
}
</style>
</head>
<body>

<h1>My Website</h1>
<p>A website created by me.</p>

</body>
</html>

Example Explained
· The <!DOCTYPE html> declara on defines this document to be HTML5
· The <html> element is the root element of an HTML page

· The <head> element contains meta informa on about the document

· The < tle> element specifies a tle for the document
· The <meta> element should define the character set to be UTF-8

· The <meta> element with name="viewport" makes the website look good on all devices and
screen resolu ons
· The <style> element contains the styles for the website (layout/design)

· The <body> element contains the visible page content

· The <h1> element defines a large heading

· The <p> element defines a paragraph
Crea ng Page Content

Inside the <body> element of our website, we will use our "Layout Dra " and create:

· A header

284
 Application Developer-Web & Mobile

· A naviga on bar
· Main content
· Side content
· A footer
Header

A header is usually located at the top of the website (or right below a top naviga on menu). It o en
contains a logo or the website name:

<div class="header">
<h1>My Website</h1>
<p>A website created by me.</p>
</div>

Then we use CSS to style the header:

.header {
padding: 80px; /* some padding */
text-align: center; /* center the text */
background: #1abc9c; /* green background */
color: white; /* white text color */
}
/* Increase the font size of the <h1> element */
.header h1 {
font-size: 40px;
}

Naviga on Bar
A naviga on bar contains a list of links to help visitors naviga ng through your website:
<div class="navbar">
<a href="#">Link</a>
<a href="#">Link</a>
<a href="#">Link</a>
<a href="#" class="right">Link</a>
</div>

Use CSS to style the naviga on bar:

/* Style the top naviga on bar */
.navbar {
overflow: hidden; /* Hide overflow */
background-color: #333; /* Dark background color */
}

285
Par cipant Handbook

/* Style the naviga on bar links */

.navbar a {
float: le ; /* Make sure that the links stay side-by-side */
display: block; /* Change the display to block, for responsive reasons (see below) */
color: white; /* White text color */
text-align: center; /* Center the text */
padding: 14px 20px; /* Add some padding */
text-decora on: none; /* Remove underline */
}

/* Right-aligned link */
.navbar a.right {
float: right; /* Float a link to the right */
}

/* Change color on hover/mouse-over */

.navbar a:hover {
background-color: #ddd; /* Grey background color */
color: black; /* Black text color */
}

Content
Create a 2-column layout, divided into a "side content" and a "main content".

<div class="row">
<div class="side">...</div>
<div class="main">...</div>
</div>

We use CSS Flexbox to handle the layout:

/* Ensure proper sizing */
*{
box-sizing: border-box;
}

/* Column container */
.row {
display: flex;
flex-wrap: wrap;
}

/* Create two unequal columns that sits next to each other */

286
 Application Developer-Web & Mobile

/* Sidebar/le column */
.side {
flex: 30%; /* Set the width of the sidebar */
background-color: #f1f1f1; /* Grey background color */
padding: 20px; /* Some padding */
}

/* Main column */
.main {
flex: 70%; /* Set the width of the main content */
background-color: white; /* White background color */
padding: 20px; /* Some padding */

13.1.7 Creating Interactive & Responsive Web – Page

Using JavaScript
Then add media queries to make the layout responsive. This will make sure that your website looks good
on all devices (desktops, laptops, tablets and phones). Resize the browser window to see the result.

/* Responsive layout - when the screen is less than 700px wide, make the two columns stack on top of
each other instead of next to each other */
@media screen and (max-width: 700px) {
.row {
flex-direc on: column;
}
}

/* Responsive layout - when the screen is less than 400px wide, make the naviga on links stack on top
of each other instead of next to each other */
@media screen and (max-width: 400px) {
.navbar a {
float: none;
width: 100%;
}
}

Tip: To create a different kind of layout, just change the flex width (but make sure that it adds up to 100%).

What is box-sizing?

287
Par cipant Handbook

You can easily create three floa ng boxes side by side. However, when you add something that enlarges
the width of each box (e.g. padding or borders), the box will break. The box-sizing property allows us to
include the padding and border in the box's total width (and height), making sure that the padding stays
inside of the box and that it does not break.
Footer

At last, we will add a footer.

<div class="footer">
<h2>Footer</h2>
</div>

And style it:

.footer {
padding: 20px; /* Some padding */
text-align: center; /* Center text*/
background: #ddd; /* Grey background */
}

You have built a responsive website.

13.1.8 Creating Single Page Websites Using Standard

Web Frameworks
What Is a Single Page Applica on?

A single-page applica on, as implied by its name, consists of a solitary page where a substan al amount of
content remains constant, with only select elements requiring updates at any given moment. To illustrate,
when perusing your email, you'll observe minimal altera ons during naviga on; the sidebar and header
persist unchanged as you navigate through your inbox.

Figure 13.1.6 Web applica on architecture a

288
 Application Developer-Web & Mobile

Frameworks That Can Be Used While Developing a Single Page Applica on

Figure 13.1.7 Major framework used for single page applica on

Build Single Page Applica on Using Angular JS

Enlisted below are the various steps involved in developing a SPA using AngularJS.

Step 1: Create a Module

AngularJS follows MVC architecture. Hence, every AngularJS applica on contains a module comprising
of controllers, services, etc.

var app = angular.module('myApp', []);

Step 2: Define a Simple Controller

app.controller('FirstController', func on($scope) {

$scope.message = 'Hello from FirstController';

});

Step 3: Include AngularJS script in HTML code

Specify the module (created in step 1) in ng-app a ribute and the controller (defined in step 2) in the
ng-controller a ribute.

<!doctype html>

<html ng-app="myApp">
<head>
<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular.min.js"></script>

</head>

<body ng-controller="FirstController">

<h1>{{message}}</h1>

289
Par cipant Handbook

<script src="app.js"></script>

</body>
</html>
Once the code is run on localhost, the output will be as shown below.

It is now confirmed that our module and controller are set up, and AngularJS is working properly.

Step 4: Use AngularJS's rou ng capabili es to add different views to our SPA<script
src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular.min.js"></script>
<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular-route.min.js"></script>
We need to include angular-route script a er the main angular script.

<script src="https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular.min.js"></script>

<script src="https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular -route.min.js"></script>

var app = angular.module('myApp', ['ngRoute']);We need to use the ngRoute direc ve to enable
rou ng.

var app = angular.module('myApp', ['ngRoute']);

Step 5: Create an HTML layout for the website

Once an HTML layout for the website is created, we need to use the ng-view direc ve to specify the place
where the HTML of each page will be placed in our layout.

<!doctype html>
<html ng-app="myApp">

<head>

290
 Application Developer-Web & Mobile

<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular.min.js"></script>

<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular-route.min.js"></script>

</head>

<body>

<div ng-view></div>

<script src="app.js"></script>
</body>
</html>

Step 6: Use $routeProvider service from ngRoute module to configure the naviga on to different views
It is necessary to specify a templateUrl and a controller for each route that we wish to add.

Excep on handling has to be accommodated when a user tries to navigate to a route that doesn't exist.
For simplicity, we can write an “otherwise” func on to redirect the user to the “/” route.

1 var app = angular.module('myApp', ['ngRoute']);

3 app.config(func on($routeProvider) {

4 $routeProvider

6 .when('/', {

7 templateUrl : 'pages/first.html',

8 controller : 'FirstController'

9 })

10

11 .when('/blog', {

12 templateUrl : 'pages/second.html',

291
Par cipant Handbook

13 controller : 'SecondController'

14 })

15

16 .when('/about', {

17 templateUrl : 'pages/third.html',

18 controller : 'ThirdController'

19 })

20

21 .otherwise({redirectTo: '/'});

22 });

Step 7: Build controllers for every route specified in $routeProvider

1 app.controller('FirstController', func on($scope) {

2 $scope.message = 'Hello from FirstController';

3 });

5 app.controller('SecondController', func on($scope) {

6 $scope.message = 'Hello from SecondController';

292
 Application Developer-Web & Mobile

7 });

9 app.controller('ThirdController', func on($scope) {

10 $scope.message = 'Hello from ThirdController';

11 });

Step 8: Configure the page

first.html

<h1>First</h1>

<h3>{{message}}</h3>

second.html

<h1>Second</h1>

<h3>{{message}}</h3>

third.html

<h1>Third</h1>

<h3>{{message}}</h3>

Step 9: Add links to the HTML that will help in naviga ng to the configured pages

<!doctype html>
<html ng-app="myApp">

293
Par cipant Handbook

<head>
<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular.min.js"></script>
<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular-route.min.js"></script>

</head>

<body>

<a href="#/">First</a>

<a href="#/second">Second</a>
<a href="#/third">Third</a>

<div ng-view></div>

<script src="app.js"></script>

</body>

</html>

Step 10: Include the HTML of rou ng pages to index.html file using script tag

<!doctype html>
<html ng-app="myApp">
<head>
<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular.min.js"></script>
<script src="h ps://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.7/angular-route.min.js"></script>
</head>
<body>
<script type="text/ng-template" id="pages/first.html">
<h1>First</h1>

<h3>{{message}}</h3>
</script>
<script type="text/ng-template" id="pages/second.html">

<h1>Second</h1>

<h3>{{message}}</h3>

294
 Application Developer-Web & Mobile

</script>
<script type="text/ng-template" id="pages/third.html">
<h1>Third</h1>

<h3>{{message}}</h3>
</script>

<a href="#/">First</a>
<a href="#/second">Second</a>
<a href="#/third">Third</a>

<div ng-view></div>

<script src="app.js"></script>

</body>

</html>

(When Angular detects the templates defined by the ng-template direc ves, it will load its content to
the template cache and will not perform Ajax request to get their content.)
Once the HTML is run on localhost, the following page is displayed.

Observe that the hyperlinks First, Second, Third on the page are routers and when you click on them,
naviga on to the corresponding web pages occur, without refreshing.

295
Par cipant Handbook

That's it! Thus we have created a simple SPA as demonstrated. Once you get the output successfully,
you can try out complex SPAs on the same lines.

Ember.js

Ember.js: A Comprehensive JavaScript Framework for Web Frontend Development

Ember.js stands out as a modern JavaScript framework designed to facilitate the development of web
frontends. Embracing a Model-View-Controller (MVC) architecture, Ember places a strong emphasis on
reusable components and services in its applica on design.
One notable feature of Ember.js is its inclusivity of essen al tools for building efficient and dynamic
applica on frontends. The framework incorporates built-in rou ng and two-way data binding, all while
maintaining a lightweight layer on top of vanilla JavaScript.

Being an open-source framework backed by a suppor ve community, Ember.js offers clear and extensive
documenta on. Leveraging community support proves beneficial for developers naviga ng the

296
 Application Developer-Web & Mobile

complexi es of building their own applica ons.

To create a single-page website using Ember.js, follow a few straigh orward steps. Ember.js aligns with the
conven on over configura on paradigm, providing a structured approach to building web applica ons.
The following guide outlines the general process for crea ng a simple single-page website using Ember.js.

Prerequisites:

1. Node.js and npm:

Make sure you have Node.js and npm (Node Package Manager) installed on your machine. You can
download them from h ps://nodejs.org/.
2. Ember CLI:

Install Ember CLI globally using npm:bash

npm install -g ember-cli

bash

npm install -g ember-cli

Steps:

1. Create a New Ember.js App:

Open a terminal and navigate to the directory where you want to create your Ember.js app. Run
the following commands to create a new Ember.js app:
bash

ember new my-single-page-app

cd my-single-page-app

2. Generate a Route:
In Ember.js, routes define the structure of your applica on. Generate a route for your single page
using the following command:

bash

ember generate route index

3. Edit the Template: Edit the template file for your route. Open the file located at
app/templates/index.hbs` and modify it to include the content you want on your single page.

4. Run the Applica on: Start the Ember development server to see your applica on in ac on:

297
Par cipant Handbook

bash
ember serve
Visit h p://localhost:4200 in your web browser to view your single-page applica on.

5. Addi onal Pages (Op onal): If you want to add addi onal pages to your single-page applica on,
you can generate more routes and templates using the ember generate route command.

6. Linking Between Pages (Op onal): Ember uses the {{link-to}} helper to create links between
pages. You can add naviga on links to switch between different sec ons of your single-page
applica on.

7. Build for Produc on: When you're ready to deploy your applica on, build it for produc on using:
Bash
ember build -prod
The produc on-ready files will be available in the dist directory.

· Remember that this is a basic guide, and Ember.js offers many features and conven ons
that you can explore for more complex applica ons.

· Refer to the official Ember.js documenta on (h ps://guides.emberjs.com/) for detailed

informa on on Ember.js concepts and best prac ces.

13.1.9 Demonstrate how to build re-usable web UI

components
Lets learn the process of crea ng a simple, reusable web component. We will create a user card
component that displays a user's name, image, and a short bio. This component can be used in any
web applica on where you need to display user informa on.

Prerequisites

Before we start, make sure you have a basic understanding of HTML, CSS, and JavaScript. Familiarity
with ES6 syntax, especially classes, will be helpful.

Step 1: Define the HTML Structure

The first step in crea ng a web component is to define its HTML structure. This is what the component
will look like in the DOM. For our user card component, the HTML structure could look something like
this:

<div class="user-card">
<img src="" alt="User image" class="user-image">
<div class="user-info">
<h2 class="user-name"></h2>
<p class="user-bio"></p>
</div>
</div>

298
 Application Developer-Web & Mobile

Step 2: Create a Custom Element

Next, we need to create a custom element. This is done by defining a class that extends the
HTMLElement interface. In the class, we define a constructor that calls the parent class's constructor
using the super() method. Then, we a ach a shadow root to the custom element. This encapsulates
the style and structure of the component, keeping it separate from the rest of the DOM.

class UserCard extends HTMLElement {

constructor() {
super();

this.a achShadow({ mode: 'open' });

}
}

Step 3: Define the Component's Appearance

class UserCard extends HTMLElement {

constructor() {
super();

this.a achShadow({ mode: 'open' });

this.shadowRoot.innerHTML = `
<style>
.user-card {
/* CSS styles go here */
}
</style>
<div class="user-card">
<img src="" alt="User image" class="user-image">
<div class="user-info">
<h2 class="user-name"></h2>
<p class="user-bio"></p>
</div>
</div>
`;
}
}

299
Par cipant Handbook

Now that we have our custom element, we need to define its appearance. We do this by adding CSS to
the component. The CSS is added to the shadow root, so it is encapsulated within the component.

Step 4: Add Func onality

Next, we add func onality to the component. For our user card component, we want to be able to set
the user's name, image, and bio. We do this by defining ge er and se er methods for each property.

class UserCard extends HTMLElement {

constructor() {
super();

this.a achShadow({ mode: 'open' });

this.shadowRoot.innerHTML = `
<style>
.user-card {
/* CSS styles go here */
}
</style>
<div class="user-card">
<img src="" alt="User image" class="user-image">
<div class="user-info">
<h2 class="user-name"></h2>
<p class="user-bio"></p>
</div>
</div>
`;
}

get name() {
return this.getA ribute('name');
}

set name(newValue) {
this.setA ribute('name', newValue);
}

get image() {
return this.getA ribute('image');
}

set image(newValue) {
this.setA ribute('image', newValue);

300
 Application Developer-Web & Mobile

get bio() {
return this.getA ribute('bio');
}

set bio(newValue) {
this.setA ribute('bio', newValue);
}
}

Step 5: Observe A ribute Changes

In order for our component to react to changes in its a ributes, we need to define a sta c
observedA ributes ge er that returns an array of the a ribute names we want to observe for changes.
We also need to define an a ributeChangedCallback method that will be called whenever one of these
a ributes changes.
class UserCard extends HTMLElement {
sta c get observedA ributes() {
return ['name', 'image', 'bio'];
}

a ributeChangedCallback(name, oldValue, newValue) {

switch(name) {
case 'name':
this.shadowRoot.querySelector('.user-name').innerText = newValue;
break;
case 'image':
this.shadowRoot.querySelector('.user-image').src = newValue;
break;
case 'bio':
this.shadowRoot.querySelector('.user-bio').innerText = newValue;
break;
}
}

// ...rest of the class...

}

Step 6: Register the Custom Element

The final step is to register the custom element with the browser. This is done using the
customElements.define() method. The first argument is the name of the custom element. This must

301
Par cipant Handbook

contain a hyphen to avoid conflicts with exis ng and future HTML elements. The second argument is the
class that defines the element.
javascriptCopy codecustomElements.define('user-card', UserCard);
Using the Custom Element
Now that we have defined our custom element, we can use it in our HTML just like any other HTML
element.
htmlCopy code<user-card name="John Doe" image="john.jpg" bio="Web developer and tech
enthusiast."></user-card>
These steps helps crea ng a simple, reusable web component. This component is encapsulated, meaning
its structure and style are separate from the rest of the DOM. It is also customizable, meaning we can set
its proper es to whatever we want. And best of all, it is reusable, meaning we can use it in any web
applica on where we need to display user informa on.

13.1.10 Build prototypes using standards web builder tools

Building prototypes using standard web builder tools involves u lizing tools and technologies
commonly used in web development. Below is a guide on how to create prototypes using some
popular tools and frameworks:
1. HTML, CSS, and JavaScript:
· HTML: Create the structure of your prototype using HTML. Define the layout, sec ons, and
elements you want to include.
· CSS: Style your prototype using CSS to make it visually appealing. Consider using frameworks like
Bootstrap or Tailwind CSS for faster styling.
· JavaScript: Add interac vity to your prototype using JavaScript. You can use vanilla JavaScript or a
JavaScript framework/library like jQuery.
2. Wireframing Tools:

Use wireframing tools like Figma, Sketch, or Adobe XD to create a visual representa on of your
prototype before coding. These tools allow you to plan the layout and design without wri ng code.

3. Sta c Site Generators:

Consider using sta c site generators like Jekyll, Hugo, or Gatsby to quickly set up a prototype. These
tools generate sta c HTML files based on templates and content, making it easy to create and deploy
prototypes.
4. Bootstrap:

Bootstrap is a popular CSS framework that provides pre-designed components and styles. It can help
you create responsive prototypes quickly. Include Bootstrap in your project by linking to its CSS and JS
files.

02
 Application Developer-Web & Mobile

5. React.js:

If you want a more dynamic prototype with reusable components, consider using React.js. Create
components for different sec ons of your prototype and manage the state for interac ve elements.
6. Vue.js:

Vue.js is another JavaScript framework for building user interfaces. It's lightweight and easy to
integrate into exis ng projects. Use Vue components to structure your prototype.

7. GitHub Pages or Netlify:

Host your prototype on pla orms like GitHub Pages or Netlify for easy sharing and tes ng. These
pla orms allow you to deploy sta c websites directly from your repository.
Example Using HTML, CSS, and JavaScript:

index.html

html

<!DOCTYPE html>

<html lang="en">

<head>

<meta charset="UTF-8">

<meta name="viewport" content="width=device-width, initial-scale=1.0">

<title>Prototype</title>

<link rel="stylesheet" href="styles.css">

</head>

<body>

<header>

<h1>Prototype Header</h1>

</header>

<main>

<section>

<h2>Section 1</h2>

<p>This is the content of section 1.</p>

styles.css
css

303
Par cipant Handbook

body {

font-family: Arial, sans-serif;

header, footer {

background-color: #333;

color: white;

padding: 1rem;

script.js
js

// Add JavaScript interactivity here

console.log('Prototype script loaded.');

Adjust the structure and styling based on your needs. Add interac vity with JavaScript as required for your
prototype. This is a basic example, and depending on your project's complexity, you might explore
addi onal tools and frameworks.

13.1.11 Security Controls to Secure a Web-Site

Securing a website involves implemen ng a range of security controls to protect against various threats
and vulnerabili es. Here are some common security controls that are o en implemented to secure a
website:

· SSL/TLS Encryp on: Implemen ng SSL/TLS (Secure Socket Layer/Transport Layer Security)
encryp on ensures that data transmi ed between the user's browser and the web server is
encrypted, preven ng eavesdropping and man-in-the-middle a acks.

· Web Applica on Firewall (WAF): A WAF helps protect a web applica on by filtering and
monitoring HTTP traffic between a web applica on and the Internet. It can help block malicious
traffic and protect against common web applica on a acks.

· Content Security Policy (CSP): CSP is a security standard that helps prevent cross-site scrip ng

304
 Application Developer-Web & Mobile

(XSS) a acks by allowing web developers to declare which content can be loaded on a given page.
It helps mi gate the impact of XSS vulnerabili es.

· Input Valida on and Sani za on: Ensure that all user inputs are validated and sani zed to
prevent common injec on a acks such as SQL injec on and cross-site scrip ng (XSS). Validate and
sani ze user inputs on the server side.
· Session Management: Implement secure session management prac ces, including secure
session storage, session meout mechanisms, and the use of secure, random session iden fiers.
Protect against session hijacking and session fixa on a acks.
· Authen ca on and Authoriza on: Enforce strong user authen ca on mechanisms, including the
use of secure password storage (hashed and salted passwords), mul -factor authen ca on
(MFA), and account lockout policies. Implement proper authoriza on to ensure users only have
access to the resources they need.
· Security Headers: Set HTTP security headers to enhance the security of the website. Common
security headers include Content Security Policy (CSP), Strict Transport Security (HSTS), X-Content-
Type-Op ons, and X-Frame-Op ons.
Cross-Site Request Forgery (CSRF) Protec on:

Implement an -CSRF tokens to protect against CSRF a acks. This involves genera ng unique tokens for
each user session and valida ng them on the server side for each incoming request.
· Security Patching: Regularly update and patch all so ware components, including the web server,
web applica on framework, database, and any third-party libraries. Vulnerabili es in outdated
so ware can be exploited by a ackers.

· Logging and Monitoring: Enable logging for security events and regularly monitor logs for
suspicious ac vi es. Implement aler ng mechanisms to no fy administrators of poten al
security incidents.

· Data Backup and Recovery: Regularly back up website data and implement a robust disaster
recovery plan. This ensures that the website can be restored quickly in the event of data loss or a
security incident.

· Incident Response Plan: Develop and document an incident response plan outlining the steps to
be taken in the event of a security incident. This plan should include communica on procedures,
containment measures, and recovery steps.
Implemen ng a combina on of these security controls helps create a layered defense that addresses
various aspects of web security. Regular security assessments, penetra on tes ng, and staying informed
about the latest security threats are also crucial for maintaining a secure website.

305
Par cipant Handbook

13.1.12 Build Test Cases to Check the Web Application for

Bugs Before Launch
A test case serves as a crucial element in the so ware tes ng process, comprising a set of ac ons designed
to verify the func onality or features within a so ware applica on. A well-cra ed test case includes
specific tests, test data, precondi ons, postcondi ons, and more. Below is a comprehensive guide on how
to write effec ve test cases:

· Step 1: Test Case ID: Assign a unique ID to each test case, facilita ng easy iden fica on and
tracking. A dis nct ID ensures that developers can promptly address any issues iden fied during
tes ng.

· Step 2: Test Case Descrip on: Provide a detailed descrip on of the unit, feature, or func on being
tested or verified. Clarity in the descrip on aids both testers and developers in understanding the
purpose of the test case.
· Step 3: Assump ons/Pre-condi ons: Outline the condi ons expected to be met before test case
execu on. Clearly state any assump ons or prerequisites, such as specific configura ons or
se ngs.
· Step 4: Test Data: Define the variables and their values involved in the test case. Test data is cri cal
for execu ng the test and evalua ng the so ware's behavior under different scenarios.

· Step 5: Steps for Execu on: Specify the steps for execu ng the test case from the perspec ve of an
end user. Ensure that the steps are easily repeatable. For example, if tes ng a login process, steps
may include opening the portal, entering a username, password, and clicking 'login' or 'submit.'

· Step 6: Expected Result: Clearly ar culate the expected result a er execu ng each step of the test
case. This helps in understanding the an cipated behavior and outcome, guiding testers and
developers in assessing the so ware's performance.

· Step 7: Result and Post-condi ons: Evaluate the test case based on the input values and execu on
steps. Post-condi ons describe the expected outcomes resul ng from the test case execu on,
such as successful login or redirec on to a page for re-entering informa on.
· Step 8: Pass or Fail: Determine the pass/fail status by comparing the expected result with the
actual result. This cri cal step helps in iden fying devia ons from the an cipated behavior and
facilitates effec ve issue resolu on.
By following these steps, test cases can be wri en systema cally, promo ng collabora on between
testers and developers and accelera ng the overall tes ng process.

306
 Application Developer-Web & Mobile

Test Test
Case ID Case Pre-
Descri Test Condi Test Expected Test Actual Test Status Comm
p on Data on Steps Result Result Pass/Fail ents

TC_01

TC_02

TC_03

TC_04

Test Cases Example for a web applica on, covering login, logout, other func onali es, UI, and
performance aspects. Due to the variety of browsers and versions, ensuring compa bility across
pla orms is essen al, making compa bility test cases crucial.

Test Test Case Test Data Test Steps Expected Actual Status
Case Descrip on Test Result Test Pass/F
ID Result ail

TC_01 Verify Username 1. Open URL : {website User should Same as Pass
whether a : ABCDEFG homepageurl} be logged in Expected
user is able Password: 2. Click on Login bu on gracefully
to login with 123456 from header and
valid navigate to login page
username 3. Enter registered
and user's username in the
password username field
4. Enter valid password
5. Click on Login bu on

307
Par cipant Handbook

TC_02 Verify Username 1. Open URL : {website 1. It should Same as Pass

whether it : ABCDEFG homepageurl} not allow expected
allows user Password: 2. Click on Login bu on user to login
to login with 1233333 from header and 2. It should
a valid navigate to login page display
username 3. Enter registered valida on
and an user's username in the message for
invalid username field invalid
password. 4. Enter creden als
invalid/incorrect 3. Incorrect
password input filed
5. Click on Login bu on should get
highlighted
with
different
color

TC_03 Verify the N/A 1. Open URL : {website 1. It should Same as Pass
login page homepageurl} not allow expected
when the 2. Click on Login bu on user tologin
fields are from header and 2. Valida on
blank and navigate to login page message
Submit 3. Click on Login bu on should be
bu on is display to
clicked. enter
creden als
3. Username
and
Password
field should
get
highlighted
with
different
color

Table 13.1.2 Test Cases Example for a Web Applica on

13.1.13 Run Unit Tests on different Modules of the Web Site

Unit tes ng is the prac ce of evalua ng individual, self-contained segments of a so ware applica on
known as units. It involves tes ng small por ons of the so ware in isola on, without dependence on
external systems. Components interac ng with external databases, files, or networks are excluded from
unit tes ng. The primary focus of unit tes ng is to assess isolated elements during the ini al stages of the
product's development.

308
 Application Developer-Web & Mobile

Tes ng a web applica on through unit tests involves examining the structure and opera onal principles.
Various unit tes ng methods play a crucial role in valida ng the behavior of small components within your
applica on independently of other code segments. Typically, a unit test is structured into three key
phases: Arrange, Act, and Assert:
· Arrange: Se ng up the test environment for a specific part of the applica on, referred to as the
system under test.

· Act: Performing the actual tes ng by interac ng with the system under test.
· Assert: Observing the resul ng behavior and checking whether the expecta ons defined for the
test have been met.

A successful unit test is one in which the observed behavior aligns with expecta ons, signifying correct
func onality. Conversely, a failure indicates an issue with the system under test.
To ensure effec ve unit tes ng, adherence to the FIRST principle is essen al:

· Fast: Unit tests should execute quickly, without relying on dependencies like databases or other
services.

· Isolated: Tests must run independently, without influencing one another, allowing developers to
run them in any order and at any me.
· Repeatable: Each unit test should consistently produce the same results with every execu on.
· Self-valida ng: Unit tests should be designed to determine their success or failure
programma cally, elimina ng the need for manual assessment by developers.
· Timely: Unit tests should be composed just in me to evaluate the code when it is most cri cal.
By ensuring the correct structure of unit tests and adhering to the FIRST principle, developers can expect
the desired outcomes. Even in cases where the test results deviate from expecta ons, developers can
confidently a ribute it to issues within the system rather than the test itself.
Examples of Unit Tes ng
Various systems accommodate dis nct forms of unit tests.

· Android Unit Tes ng

Developers have the flexibility to conduct unit tests on Android devices or alterna ve compu ng
pla orms. In the realm of Android development, there are two primary types of unit tests:

1. Instrumented Tests:

Instrumented tests have the capability to run on any virtual or physical Android device. In this
scenario, the developer constructs and installs the applica on along with the test applica on. The
test applica on can inject commands and scru nize the applica on state during the tes ng process.
Typically, instrumented tests are UI tests that ini ate an applica on and engage with its
func onali es.

309
Par cipant Handbook

Key Features of Instrumented Tests:

· Suitable for any virtual or physical Android device.

· Involves building and installing the applica on and test applica on together.
· Enables injec on of commands and reading of the applica on state.
· Commonly used for UI tes ng by launching and interac ng with the applica on.

Small Instrumented Tests:

These tests focus on verifying specific code func onali es within a designated framework feature, such as
an SQLite database. Developers may execute these tests on various devices to assess how effec vely the
app integrates with diverse versions of the SQLite database.

2. Local Unit Tests:

Local unit tests operate on the development server or computer. These tests are typically concise and
swi host-side tests that isolate the test subject from other segments of the applica on. In scenarios
involving extensive local unit tests, an Android simulator like Robolectric may be employed locally on the
machine.
Key Features of Local Unit Tests:

· Run on the development server or computer.

· Small and fast host-side tests.

· Isolate the test subject from other parts of the applica on.

· Big local unit tests may u lize an Android simulator (e.g., Robolectric) on the local machine.

By comprehending the dis nc ons between instrumented and local unit tests, developers can
strategically choose the tes ng approach that aligns with their specific tes ng requirements and ensures
the robustness of Android applica ons.

Here is an example of a typical UI interac on for an instrumented test. The tester clicks on the target
element to verify that the UI displays another element:

// If the Start bu on is clicked

onView(withText("Start"))
.perform(click())
// Then display the Hello message
onView(withText("Hello"))
.check(matches(isDisplayed()))
The following snippet demonstrates part of a local, host-side unit test for a ViewModel:

// If given a ViewModel1 instance

val viewModel = ViewMode1(ExampleDataRepository)

10
 Application Developer-Web & Mobile

// A er loading data
viewModel.loadData()
// Expose data
assertTrue(viewModel.data != null)
· Angular Unit Tes ng

Angular unit tests isolate code snippets to iden fy issues like malfunc ons and incorrect logic.
Execu ng a unit test in Angular can be especially challenging for a complex project with inadequately
separated components. Angular helps developers write code in a manner that lets them test each
applica on func on separately.

Angular's tes ng package offers two u li es: TestBed and async. TestBed is Angular's main u lity
package.
The “describe” container includes mul ple blocks, such as it, xit, and beforeEach. The “beforeEach”
block runs first, but the rest of the blocks can run independently. The first block from the
app.component.spec.ts file is beforeEach (within the describe container) and has to run before the
other blocks.
Angular declares the applica on module's declara on from the app.module.ts file in the beforeEach
block. The applica on component simulated/declared in beforeEach is the most important
component for the tes ng environment.
The system then calls the compileComponents element to compile all the component resources, such
as styles and templates. The tester might not compile the component when using a web pack. The
code should look like this:

beforeEach(async(() => {
TestBed.configureTes ngModule({
declara ons: [
AppComponent
],
}).compileComponents();
}));

Once the target component is declared in the beforeEach block, the tester can verify if the system created
the component using the it block.
The fixture.debugElement.componentInstance element will create an instance of the AppComponent
class. Testers can use toBeTruthy to test if the system truly creates the class instance:

it('creates the app', async(() => {

const fixture = TestBed.createComponent(AppComponent);

311
Par cipant Handbook

const app = fixture.debugElement.componentInstance;

expect(app).toBeTruthy();
}));

The next block shows the access to the app component proper es. By default, the system only adds
the tle property. The tester can easily verify the tle's consistency in the created component:

it(` tle should be 'angular-unit-test'`, async(() => {

const fixture = TestBed.createComponent(AppComponent);
const app = fixture.debugElement.componentInstance;
expect(app. tle).toEqual('angular-unit-test');
}));

The fourth block in the test string demonstrates the test's behavior in a browser environment. Once the
system creates a detectChanges component, it calls an instance of the component to simulate execu on
in the browser environment. A er rendering the component, it is possible to access its child elements via
the na veElement object:

it('render tle in h1 tag', async(() => {

const fixture = TestBed.createComponent(AppComponent);
fixture.detectChanges();
const compiled = fixture.debugElement.na veElement;
expect(compiled.querySelector('h1').textContent).toContain('Welcome to angular-unit-test!');
}));

· Node JS Unit Tes ng

Node.js allows developers to execute server-side JavaScript code. It is an open source pla orm that
integrates with popular JavaScript tes ng frameworks such as Mocha. Testers can indicate that the
code they inject is a test by inser ng Mocha test API keywords.
For example, it() indicates that the code is a single test, while describe() indicates that it contains a group
of test cases. There can be subgroups within a describe() test grouping. Each func on takes two
arguments: a descrip on displayed in the test report and a callback func on.
Here is an example or the most basic test suite with a single test case:

const {describe} = require('mocha');

const assert = require('assert');

312
 Application Developer-Web & Mobile

describe('Simple test suite:', func on() {

it('1 === 1 should be true', func on() {
assert(1 === 1);
});
});
The test's output should look like this:
$ cd src/projects/IBM-Developer/Node.js/Course/Unit-9
$ ./node_modules/.bin/mocha test/example1.js

Simple test suite:

✓ 1 === 1 should be true
1 passing (5ms)

Mocha supports any asser on library. This example uses the Node assert module (a rela vely less
expressive library).
React Na ve Unit Tes ng
React Na ve is an open source mobile app development framework for JavaScript-based applica ons. It
has a built-in Jest tes ng framework. Developers can use Jest to ensure the correctness of their JavaScript
codebase.

Jest is usually pre-installed on React Na ve applica ons as an out-of-the-box tes ng solu on. The
developer can easily open the package.json file and configure the Jest preset to React Na ve:

"scripts": {
"test": "jest"
},
"jest": {
"preset": "jest-react-na ve"
}
If, for example, the applica on has a func on to add simple numbers, the tester can easily an cipate
the correct result. It is easy to test by impor ng the sum func on into the test file. The separate file
containing the sum func on might be called ExampleSumTest.js:
const ExampleSum = require('./ExampleSum');
test('ExampleSum equals 3', () => {
expect(ExampleSum(1, 2).toBe(3);
});
The predicted Jest output should look like this:

PASS ./ExampleSumTest.js

313
Par cipant Handbook

✓ ExampleSum equals 3 (5ms)

Tools for Unit Tes ng

In the past, testers conducted unit tes ng manually, but nowadays, many companies have automated this
process using specialized tes ng tools. Subs tutes such as stubs, skeletons, mock objects, and test
harnesses are employed for unit tes ng applica ons, given that each test case operates independently of
others. The selec on of an appropriate tool is crucial, considering factors like flexibility and minimal
implementa on me. Below are some of the widely u lized unit tes ng tools:

Figure 13.1.8 Tools for unit tes ng

13.1.14 Automate Testing Using Standard Tools

Selenium: Selenium is a popular open-source framework for automa ng web browsers. It allows you to
write scripts in various programming languages (such as Java, Python, or C#) to interact with web
elements, perform ac ons like clicking bu ons or filing forms, and validate expected outcomes.

Figure 13.1.9 Best for tes ng web-based applica ons

314
 Application Developer-Web & Mobile

Appium: Appium, also open source, is specifically designed for mobile applica on automa on. It
supports both Android and iOS pla orms, enabling you to write tests that simulate user interac ons with
mobile apps.

Figure 13.1.9 Selenium and Appium Tes ng

Crea ng Your First Selenium Test

· Launch Your IDE: Open your chosen Integrated Development Environment (IDE) and create a new
project.

· Configure Dependencies: Add Selenium WebDriver as a dependency to your project. You can use
build tools like Maven or Gradle for this purpose.
· Write Your First Test: Create a new test class and write a simple Selenium test. For example, you
can open a web page and verify the page tle.
· Execute the Test: Run your test, and watch as Selenium interacts with the web page, automa ng
the steps you've defined.

Crea ng Your First Appium Test

· Install Appium: Set up Appium on your development machine, ensuring that you have the
necessary drivers and dependencies installed.
· Configure Your IDE: Configure your IDE to recognize and work with your chosen programming
language and Appium.
· Write Your First Test: Create a new test class and write an Appium test. You can start with a simple
scenario like launching a mobile app and interac ng with its elements.

Execute the Test: Run your Appium test and observe how it automates interac ons with the mobile
app, just as a user would.

315
Par cipant Handbook

Exercise
1. Mul ple Choice Ques ons:
A. Which technologies are primarily used for building sta c web pages?
a. HTML and JavaScript b. CSS and JavaScript
c. HTML and CSS d. JavaScript and Angular
B. What is the primary purpose of JavaScript in web development?
a. Styling web pages b. Enhancing user interac vity
c. Defining document structure d. Managing server-side opera ons
C. What is the key concept for making websites responsive?
a. CSS Grid b. Media queries
c. JavaScript func ons d. HTML forms
D. Which framework is commonly used for building single-page applica ons (SPAs)?
a. jQuery b. Angular
c. Bootstrap d. Flask
E. What is a key advantage of crea ng reusable UI components?
a. Reduced development me b. Increased server efficiency
c. Improved database performance d. Enhanced network security
2. Fill in the blanks:
a. _____ is an essen al step in the development process to visually represent the final
product before actual implementa on.
b. _______ such as SSL/TLS, firewalls, and secure authen ca on mechanisms are vital for
safeguarding a website.
c. Crea ng comprehensive _____ is crucial to systema cally iden fy and resolve issues in a
web applica on.
d. _____ allow developers to validate the individual components of a website to ensure they
func on correctly.
e. Automa on tools like ______ simplify the tes ng process by execu ng repe ve tasks and
ensuring consistent results.
3. Ques on/Answers:
a. What does HTML stand for?
b. Which programming language is primarily used for adding interac vity to web pages?
c. What is a common technique for making a website responsive to different screen sizes?

d. What is the primary func on of unit tests in web development?

316
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/WG5ikvJ2TKA
Frontend web development

317
Par cipant Handbook

318
14. Mobile Application
Development
Elective - 2

Unit 14.1- Mobile Solu on Planning and Development

Unit14.2-Mobile Applica on Development and
Deployment

SSC/N8415
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:

1. Explain how to gather informa on about scope of the mobile solu on, target users and other similar
solu ons available in the market.
2. Discuss what are func onal and non-func onal requirements.
3. Discuss what are user experience requirements.

4. Examine popular mobile pla orms and their characteris cs (such as Android, iOS, SailfishOS etc.)
5. Show different types of mobile applica ons and their characteris cs (such as na ve applica on,
cross-pla orm applica on, hybrid applica on etc.).

6. Demonstrate how to build a na ve mobile applica on.

7. Demonstrate how to develop a cross-pla orm mobile applica on.
8. Demonstrate how to build a hybrid mobile applica on.

9. Demonstrate how to build a progressive web applica on (PWA).

10. Discuss the different types of dependencies associated with mobile applica on development (such as
me to market, access to device hardware func onalist, support for 3rd party integra ons etc.)

11. Describe security standards and configura ons that make the mobile applica on secure.

12. Demonstrate how to secure data on the mobile device using encryp on and obfusca on.
13. Demonstrate A/B tes ng
14. Explain how to build A/B tes ng capabili es to test products and features.

15. Create and manage service configura ons for mobile applica ons.
16. Demonstrate how to manage source code using version control tools.
17. Discuss popular app-stores (such as Play store, App Store etc.).

18. Demonstrate how to publish mobile applica ons on different app-stores.

19. Demonstrate how to build test cases to test mobile applica on before launch.
20. Demonstrate how to run unit tests on different units of the mobile applica on.

21. Demonstrate how to automate tes ng using standard tools (such as selenium, Appium etc.).

320
 Application Developer-Web & Mobile

UNIT 14.1: Mobile Solu on Planning and Development

Unit Objectives
At the end of this unit, you will be able to:
1. Explain how to gather informa on about scope of the mobile solu on, target users and other similar
solu ons available in the market.

2. Discuss what are func onal and non-func onal requirements.

3. Discuss what are user experience requirements.

4. Examine popular mobile pla orms and their characteris cs (such as Android, iOS, SailfishOS etc.)

5. Show different types of mobile applica ons and their characteris cs (such as na ve applica on,
cross-pla orm applica on, hybrid applica on etc.).

14.1.1 Understanding Mobile Solution Scope, Target

Users, and Market Analysis in Mobile Application
Development
In the dynamic field of mobile applica on development, the ini al stages of planning are crucial for the
success of the project. This involves gathering comprehensive informa on about the scope of the mobile
solu on, iden fying target users, and conduc ng a thorough analysis of similar solu ons available in the
market.

Fig. 14.1.1 Mobile app development lifecycle: 9 steps

321
Par cipant Handbook

· Defining Mobile Solu on Scope:

o Purpose and Objec ves: Clearly ar culate the purpose and objec ves of the mobile
solu on. What problems or needs will the applica on address?
o Func onali es and Features: Outline the key func onali es and features the applica on
aims to offer. Define what sets it apart from other solu ons.

o User-Centric Approach: Design the applica on with a user-centric focus, ensuring that it
addresses the intended needs of its users.
· Iden fying the Target Users:

o Primary and Secondary Audience: Define the primary and secondary target audience for
the mobile applica on. Consider demographics, preferences, and behaviors.
o User Personas: Create detailed user personas represen ng different segments of the target
audience. This helps in understanding user needs and tailoring the applica on accordingly.

o User Research: Conduct thorough user research, u lizing surveys, interviews, and focus
groups to gain insights into user expecta ons.
· Analyzing Similar Solu ons in the Market:

o Compe tor Analysis: Conduct a comprehensive analysis of exis ng mobile applica ons
within the same domain. Iden fy compe tors and analyze their strengths and weaknesses.
o SWOT Analysis: Perform a SWOT analysis to understand the applica on's Strengths,
Weaknesses, Opportuni es, and Threats in comparison to similar solu ons.

o User Feedback: Analyze user reviews and feedback for compe tor applica ons to
understand user sa sfac on and areas for improvement.
· User Surveys and Feedback:
o Surveys: Design and distribute surveys to gather direct feedback from poten al users. Use
these surveys to understand user preferences, expecta ons, and pain points.
o Focus Groups: Organize focus groups or interviews to delve deeper into qualita ve insights.
Engage with users to understand their mo va ons and challenges.

· Market Trends and Technologies:

o Stay Informed: Keep abreast of current trends and emerging technologies in the mobile
app development industry. Understand how these trends may influence the design and
func onality of the applica on.
o Feasibility Assessment: Assess the feasibility of integra ng new technologies into the
applica on to enhance its compe veness.

· Define Success Metrics:

o Key Performance Indicators (KPIs): Establish key performance indicators (KPIs) to measure
the success of the mobile solu on. These may include user engagement, reten on rates,

322
 Application Developer-Web & Mobile

conversion rates, and customer sa sfac on.

· Regulatory and Compliance Considera ons:

o Legal Requirements: Iden fy any legal or regulatory requirements applicable to the mobile
solu on. Ensure compliance with data protec on, privacy, and accessibility standards.

In summary, the process of gathering informa on about the scope of the mobile solu on, target users,
and market condi ons is founda onal for effec ve mobile applica on development. By following these
steps, developers can align their efforts with user expecta ons, differen ate their applica on in the
market, and ensure regulatory compliance. This ini al groundwork sets the stage for a successful and
user-friendly mobile applica on.

14.1.2 Understanding Functional and Non-Functional

Requirements in Mobile Application Development
In the realm of mobile applica on development, the iden fica on and delinea on of requirements play a
pivotal role in shaping the design, func onality, and overall success of the applica on. These
requirements are broadly categorized into func onal and non-func onal aspects, each serving a dis nct
purpose.

Fig. 14.1.2 Func onal and non-func onal requirements for mobile app
1. Func onal Requirements: Func onal requirements define the specific func onali es and features
that the mobile applica on must possess to meet the needs of its users and fulfill its intended purpose.
Key Components:
· Features and Capabili es: Enumerate the specific features and capabili es that the applica on
should offer. This includes user interac ons, data processing, and any other task the applica on is
expected to perform.
· User Stories and Scenarios: Cra user stories and scenarios that illustrate how users will interact

323
Par cipant Handbook

with the applica on. These narra ves provide a user-centric perspec ve, guiding developers in
implemen ng func onali es that align with user expecta ons.
· Use Cases: Develop detailed use cases that outline the step-by-step interac ons between users
and the applica on. Use cases help in visualizing and understanding the flow of the applica on.
Example:
· Func onal Requirement: The applica on should allow users to create an account, log in securely,
and personalize their profiles with relevant informa on.
2. Non-Func onal Requirements:
Non-func onal requirements define the quali es and a ributes that characterize the overall
performance, usability, and security of the mobile applica on.
Key Components:
· Performance: Specify performance-related requirements such as response me, loading speed,
and the ability to handle a certain number of concurrent users. Performance requirements ensure
a seamless user experience.
· Usability: Outline usability requirements that focus on the user interface (UI) and overall user
experience (UX). This includes factors like intui ve naviga on, accessibility, and responsiveness
across different devices.
· Security: Define security requirements to safeguard user data, prevent unauthorized access, and
ensure the confiden ality and integrity of informa on stored within the applica on.
· Reliability: Specify reliability requirements, including the applica on's up me, error handling
mechanisms, and the ability to recover gracefully from failures.
· Scalability: Determine scalability requirements to accommodate poten al growth in user base
and data volume. Scalability ensures the applica on can handle increased loads without
compromising performance.
Example:
· Non-Func onal Requirement: The applica on should load pages within 3 seconds, ensuring a
responsive and user-friendly experience. Addi onally, it should encrypt user data using industry-
standard protocols to maintain data security.
Importance of Balancing Both:
Achieving a harmonious balance between func onal and non-func onal requirements is essen al for
delivering a robust and user-centric mobile applica on. While func onal requirements cater to what the
applica on does, non-func onal requirements address how well it performs these func ons.
By thoroughly defining and priori zing both sets of requirements, developers can create a comprehensive
blueprint that guides the en re development process. This approach ensures that the resul ng mobile
applica on not only meets user expecta ons in terms of features but also delivers a seamless, secure, and
enjoyable user experience.

324
 Application Developer-Web & Mobile

14.1.3 Understanding User Experience Requirements

in Mobile Application Development
In the domain of mobile applica on development, user experience (UX) requirements play a pivotal role
in shaping the overall sa sfac on and engagement of users with the applica on. UX requirements go
beyond mere func onali es, focusing on crea ng a seamless, intui ve, and enjoyable interac on
between the user and the mobile applica on.

Fig. 14.1.3 Importance of UI and UX in mobile app development

Key Aspects of User Experience Requirements:

· User Interface (UI) Design:
o Visual Design: Specify the visual elements of the applica on, including color schemes,
typography, and iconography. Consistent and appealing visual design enhances the overall
aesthe cs.
o Layout and Naviga on: Define the layout of screens and the naviga on flow. Ensure that
the interface is intui ve, with easy-to-follow naviga on paths for users.

· Interac on Design:
o Gesture Controls: Iden fy specific gestures (tap, swipe, pinch-to-zoom, etc.) and their
func onali es. Gesture controls contribute to a more interac ve and engaging user
experience.
o Feedback Mechanisms: Define how the applica on provides feedback to user ac ons.
Feedback, such as anima ons or hap c responses, helps users understand the system's
response to their interac ons.

· Responsiveness and Performance:

o Loading Times: Specify acceptable loading mes for various screens and func onali es. A

325
Par cipant Handbook

responsive applica on ensures that users do not experience delays or interrup ons during
interac ons.

o Op mized Performance: Define performance standards to ensure smooth transi ons and
interac ons, even under varying network condi ons.
· Accessibility:
o Inclusive Design: Ensure that the applica on is accessible to users with disabili es. This
involves considera ons for screen readers, voice commands, and other assis ve
technologies.
o Text Readability: Define text size, contrast, and legibility standards to enhance readability
for users with different visual abili es.

· Personaliza on and Customiza on:

o User Preferences: Allow users to customize their experience based on preferences. This
could include themes, language se ngs, or content preferences.

o Personalized Recommenda ons: If applicable, outline requirements for providing

personalized content or recommenda ons based on user behavior.
· Cross-Pla orm Consistency:

o Consistent Experience: Define guidelines to ensure a consistent UX across different

pla orms (iOS, Android). Consistency contributes to user familiarity and ease of use.
· Error Handling and Recovery:
o Clear Error Messages: Specify requirements for clear and informa ve error messages.
Users should easily understand errors and be guided on how to rec fy them.
o Graceful Error Recovery: Define how the applica on recovers from errors without
compromising the user experience.

· User Onboarding:

o Onboarding Process: Outline the onboarding experience for new users, including tutorials
or guided tours. An effec ve onboarding process contributes to user reten on.
Example:
· User Experience Requirement: The applica on should provide a visually appealing and intui ve
interface with easily navigable screens. Loading mes for each screen should not exceed three
seconds, and the applica on should support gestures for ac ons such as swiping and tapping.
Significance of User Experience Requirements:

User experience requirements are integral to the success of a mobile applica on. By priori zing the
aspects that contribute to a posi ve user experience, developers can create applica ons that not only
fulfill func onal needs but also resonate with users, fostering long-term engagement and sa sfac on.

326
 Application Developer-Web & Mobile

14.1.4 Exploring Popular Mobile Platforms and Their

Characteristics
In the dynamic landscape of mobile applica on development, developers encounter a variety of
pla orms that host diverse ecosystems.
Understanding the characteris cs of popular mobile pla orms is crucial for applica on developers, as it
influences decisions related to target audience, development tools, and user experience.

Let's examine the characteris cs of some prominent mobile pla orms: Android, iOS, and SailfishOS.

Fig. 14.1.4 Mobile app development pla orms for enterprise

· Android:
o Open Source Nature: Android is an open-source opera ng system, allowing developers to
customize and modify the system according to their needs.

o Device Diversity: Android runs on a wide range of devices from different manufacturers,
leading to diversity in screen sizes, resolu ons, and hardware capabili es.
o Google Play Store: Applica ons for Android are primarily distributed through the Google
Play Store, offering a vast marketplace for developers to reach a global audience.

o Customiza on: Android provides extensive customiza on op ons for both users and
developers, enabling a diverse range of applica ons and user experiences.
· iOS:

o Closed Ecosystem: iOS is a closed ecosystem developed by Apple, providing a controlled

and consistent environment across all devices.
o App Store: The exclusive distribu on pla orm for iOS applica ons is the Apple App Store,
known for its strict app review process and curated content.

327
Par cipant Handbook

o Unified User Interface: iOS devices share a standardized user interface design, ensuring a
consistent look and feel across iPhones, iPads, and other Apple products.
o Development Language: iOS applica ons are commonly developed using Swi or
Objec ve-C, and developers o en follow Apple's Human Interface Guidelines for op mal
user experience.
· SailfishOS:
o Linux-Based OS: Sailfish OS is a Linux-based mobile opera ng system known for its
openness and compa bility with Android applica ons.

o Gesture-Centric Naviga on: Sailfish OS employs a gesture-centric user interface, offering a

unique and intui ve way for users to navigate and interact with their devices.

o Mul tasking Capability: Sailfish OS emphasizes mul tasking, allowing users to seamlessly
switch between applica ons and manage tasks efficiently.
o Developing for Sailfish OS: Developers can use Qt for app development on SailfishOS, and
the Sailfish SDK provides tools for crea ng applica ons with na ve Sailfish look and feel.

Considera ons for Developers:

· User Base: Developers should consider the target audience and user base of each pla orm to
determine the poten al reach of their applica ons.

· Development Tools: Each pla orm has its set of development tools and languages, such as
Android Studio for Android and Xcode for iOS, influencing the development process.
· Mone za on Strategies: The mone za on strategies, app review processes, and revenue-
sharing models may vary between pla orms, impac ng the financial aspects of app development.

Example:
For a developer targe ng a broad and diverse user base with a focus on customiza on, Android's open-
source nature and device diversity might be advantageous. In contrast, a developer aiming for a
consistent and controlled user experience may find iOS more suitable.

Understanding the characteris cs of different mobile pla orms empowers developers to make informed
decisions, ensuring the successful deployment and recep on of their applica ons in the compe ve
mobile landscape.

14.1.5 Exploring Types of Mobile Applications and Their

Characteristics
Mobile applica on development encompasses various approaches, each with its set of characteris cs
and advantages. Understanding the dis nc ons between na ve applica ons, cross-pla orm
applica ons, and hybrid applica ons is essen al for developers seeking the most suitable strategy for
their projects.

328
 Application Developer-Web & Mobile

· Na ve Applica ons:

o Pla orm-Specific Development: Na ve applica ons are developed using pla orm-specific
programming languages (Swi or Objec ve-C for iOS, Java or Kotlin for Android).
o Op mized Performance: They offer op mal performance since they are directly compiled
for the target pla orm, u lizing device-specific features and capabili es.

o Access to Na ve APIs: Na ve apps have direct access to pla orm-specific APIs, providing
seamless integra on with device func onali es.
· Cross-Pla orm Applica ons:

o Single Codebase: Cross-pla orm applica ons are built using a single codebase that can be
deployed on mul ple pla orms, saving development me and effort.
o Common Development Frameworks: Frameworks like React Na ve, Flu er, and Xamarin
facilitate cross-pla orm development by enabling the crea on of na ve-like interfaces.

o Efficiency in Updates: Updates and changes can be applied uniformly across pla orms,
ensuring consistency and efficiency in maintenance.
· Hybrid Applica ons:

o Combina on of Web and Na ve Technologies: Hybrid applica ons combine web

technologies (HTML, CSS, JavaScript) with na ve components to create a single applica on
that runs on mul ple pla orms.
o WebView for UI Rendering: The user interface is rendered using a WebView component,
providing a consistent appearance across pla orms.
o Access to Na ve Features: Hybrid apps can access na ve device features through plugins or
bridges, offering a balance between web and na ve capabili es.
Considera ons for Developers:

ü Performance: Na ve applica ons typically offer the best performance due to their pla orm-
specific op miza ons.

ü Development Time: Cross-pla orm and hybrid approaches can significantly reduce
development me by allowing code reuse.
ü User Experience: Na ve applica ons o en provide a seamless and pla orm-na ve user
experience, while cross-pla orm and hybrid apps may need to balance consistency across
pla orms.

Example:
A developer aiming for op mal performance and a pla orm-specific user experience might choose to
develop a na ve applica on. If me and resource efficiency are priori zed for reaching a broader
audience, a cross-pla orm or hybrid approach could be considered.
In the dynamic field of mobile applica on development, the choice between na ve, cross-pla orm, or

329
Par cipant Handbook

hybrid development depends on project requirements, development goals, and the desired user
experience. Developers should carefully assess these factors to select the most suitable approach for
their specific applica on needs.

330
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/AsnVb0aS4cE
How to Learn Mobile App Development

331
 Application Developer-Web & Mobile

UNIT 14.2: Mobile Applica on Development and Deployment

Unit Objectives
At the end of this unit, you will be able to:
1. Demonstrate how to build a na ve mobile applica on.

2. Demonstrate how to develop a cross-pla orm mobile applica on.

3. Demonstrate how to build a hybrid mobile applica on.

4. Demonstrate how to build a progressive web applica on (PWA).

5. Discuss the different types of dependencies associated with mobile applica on development (such
as me to market, access to device hardware func onalist, support for 3rd party integra ons etc.)
6. Describe security standards and configura ons that make the mobile applica on secure.
7. Demonstrate how to secure data on the mobile device using encryp on and obfusca on.

8. Demonstrate A/B tes ng

9. Explain how to build A/B tes ng capabili es to test products and features.
10. Create and manage service configura ons for mobile applica ons.

11. Demonstrate how to manage source code using version control tools.
12. Discuss popular app-stores (such as Play store, App Store etc.).
13. Demonstrate how to publish mobile applica ons on different app-stores.

14. Demonstrate how to build test cases to test mobile applica on before launch.

15. Demonstrate how to run unit tests on different units of the mobile applica on.
16. Demonstrate how to automate tes ng using standard tools (such as selenium, Appium etc.).

14.2.1 Building a Native Mobile Application: A Step-

by-Step Guide
Developing a na ve mobile applica on involves crea ng so ware specifically for a par cular mobile
pla orm, leveraging the na ve tools and programming languages associated with that pla orm. Fig. 14.2.1
Na ve app development

332
Par cipant Handbook

Fig. 14.1.1 Mobile app development lifecycle: 9 steps

Below is a step-by-step demonstra on for building a na ve mobile applica on.

Step 1: Set Up Development Environment

· Choose the appropriate Integrated Development Environment (IDE) for the target pla orm
(Xcode for iOS, Android Studio for Android).

· Install the necessary SDKs (So ware Development Kits) for the chosen pla orm.

Step 2: Define Project Scope and Requirements

· Clearly define the scope of your mobile solu on, iden fying target users, and researching similar
solu ons in the market.

· Document func onal and non-func onal requirements, including user experience expecta ons.
Step 3: Create a New Project
· Open the chosen IDE and create a new project.

· Choose project se ngs such as name, package name (for Android), bundle iden fier (for iOS), and
other configura ons.
Step 4: Design User Interface (UI)

· Use the built-in tools of the IDE to design the app's user interface.

· Consider the pla orm-specific design guidelines for crea ng a na ve and intui ve user
experience.

Step 5: Implement Applica on Logic

· Write the applica on logic using the programming language na ve to the pla orm (Swi or
Objec ve-C for iOS, Java or Kotlin for Android).

333
 Application Developer-Web & Mobile

· Implement features, interac ons, and func onali es as per the project requirements.
Step 6: Test the Applica on

· Conduct thorough tes ng to ensure the applica on func ons correctly.

· Test the app on emulators or real devices to iden fy and address any pla orm-specific issues.
Step 7: Op mize for Performance
· Op mize the applica on for performance by addressing memory usage, responsiveness, and
other pla orm-specific considera ons.
· Leverage pla orm-specific tools for profiling and debugging.
Step 8: Integrate Na ve APIs

· Access and integrate pla orm-specific APIs to leverage device capabili es (camera, sensors,
loca on, etc.).
· Ensure seamless integra on with the na ve features of the mobile pla orm.

Step 9: Debug and Refine

· Debug the applica on to iden fy and fix any issues.

· Refine the UI/UX based on feedback and tes ng results.

Step 10: Build for Deployment

· Build the na ve applica on for deployment on the target pla orm.

· Generate executable files (APK for Android, IPA for iOS) for distribu on.
Step 11: Publish to App Store/Google Play

· Register for developer accounts on the respec ve app stores (App Store for iOS, Google Play for
Android).
· Publish the na ve mobile applica on, following the app store guidelines and submission
processes.

· By following these steps, developers can successfully build a na ve mobile applica on tailored to a
specific pla orm, providing an op mal user experience and seamless integra on with the device's
na ve func onali es.

14.2.2 Developing a Cross-Platform Mobile Application:

A Practical Guide
Building a cross-pla orm mobile applica on allows developers to create a single codebase that can run on
mul ple opera ng systems. This demonstra on outlines the steps to develop a cross-pla orm mobile
applica on.

334
Par cipant Handbook

Fig. 14.2.2 Cross pla orm mobile applica on

Step 1: Choose a Cross-Pla orm Framework

· Select a cross-pla orm framework that suits the project requirements. Popular op ons include
React Na ve, Flu er, Xamarin, and PhoneGap.

· Consider factors such as performance, community support, and integra on capabili es.
Step 2: Set Up Development Environment

· Install the chosen cross-pla orm framework and its dependencies.

· Ensure the development environment is configured for both Android and iOS development.
Step 3: Project Ini aliza on

· Use the framework's command-line tools or IDE plugins to ini alize a new cross-pla orm project.

· Configure project se ngs, including app name, package name, and target pla orms.
Step 4: Design User Interface (UI)
· Leverage the framework's UI components to design the applica on's user interface.

· Ensure UI components provide a na ve-like experience on both Android and iOS.

Step 5: Implement Applica on Logic
· Write applica on logic using the framework's programming language (e.g., JavaScript for React
Na ve, Dart for Flu er).

· Implement features and func onali es that are consistent across pla orms.
Step 6: Test on Emulators and Devices

335
 Application Developer-Web & Mobile

· Use emulators to test the applica on on both Android and iOS.

· Conduct real-device tes ng to iden fy and address pla orm-specific issues.
Step 7: Op mize for Performance

· Op mize the applica on for performance by addressing framework-specific considera ons.

· U lize tools provided by the framework for profiling and debugging.
Step 8: Integrate Na ve Modules

· If needed, integrate na ve modules using the framework's APIs.

· Access pla orm-specific func onali es by leveraging the framework's bridge mechanisms.
Step 9: Debug and Refine

· Debug the applica on to iden fy and fix any issues.

· Refine the UI/UX to align with pla orm-specific design guidelines.

Step 10: Build for Deployment

· Use the framework's build tools to generate deployment-ready packages for Android and iOS.

· Output APK file for Android and IPA file for iOS.
Step 11: Distribute via App Stores

· Register developer accounts on Google Play and the App Store.

· Publish the cross-pla orm applica on, following the submission guidelines of each app store.
By following these steps, developers can create a cross-pla orm mobile applica on, maximizing code
reuse and efficiency while providing a consistent user experience across different opera ng systems.

14.2.3 Building a Hybrid Mobile Application: A Practical

Walkthrough
Crea ng hybrid mobile applica ons involves combining web technologies with na ve func onali es,
providing a balance between cross-pla orm compa bility and na ve features. This demonstra on
outlines the steps to build a hybrid mobile applica on.
Step 1: Choose a Hybrid Framework
· Select a hybrid framework, such as Apache Cordova, Ionic, or PhoneGap, based on project
requirements.

· Consider factors like performance, ease of development, and community support.

Step 2: Set Up Development Environment

· Install the chosen hybrid framework along with required dependencies.

336
Par cipant Handbook

· Ensure the development environment is configured for both Android and iOS.

Step 3: Create a New Project

· Use the framework's command-line interface or an integrated development environment (IDE) to
ini ate a new hybrid project.

· Configure project se ngs, including app name, package name, and target pla orms.
Step 4: Design User Interface (UI)

· U lize HTML, CSS, and JavaScript to design the applica on's user interface.

· Leverage the framework's UI components to create a responsive and visually appealing design.
Step 5: Implement Applica on Logic
· Write applica on logic using JavaScript or TypeScript.

· Implement features and func onali es with a focus on cross-pla orm compa bility.
Step 6: Access Na ve Func onali es
· Use the framework's plugins to access na ve func onali es, such as camera, geoloca on, or
device sensors.

· Implement pla orm-specific code snippets for enhanced capabili es.

Step 7: Test on Simulators and Devices

· Test the hybrid applica on on emulators or simulators for Android and iOS.

· Conduct real-device tes ng to iden fy and address pla orm-specific issues.

Step 8: Op mize for Performance

· Op mize the applica on for performance, addressing considera ons like rendering speed and
memory usage.
· U lize built-in tools or external libraries for performance monitoring.
Step 9: Debug and Refine

· Debug the applica on using browser-based tools or integrated debugging features.

· Refine the UI/UX based on pla orm-specific design guidelines.
Step 10: Build for Deployment

· Use the framework's build tools to generate deployment-ready packages for Android and iOS.
· Output APK file for Android and IPA file for iOS.
Step 11: Distribute via App Stores

· Register developer accounts on Google Play and the App Store.

· Publish the hybrid applica on, following the submission guidelines of each app store.

337
 Application Developer-Web & Mobile

By following these steps, developers can successfully build a hybrid mobile applica on, combining the
flexibility of web technologies with na ve capabili es, and ensuring compa bility with both Android and
iOS pla orms.

14.2.4 Building a Progressive Web Application (PWA):

A Step-by-Step Guide
Progressive Web Applica ons (PWAs) combine the best of web and mobile applica ons, delivering an
engaging user experience across various devices. This demonstra on outlines the process of building a
PWA.

Fig. 14.2.3 PWA versus na ve app

Step 1: Understanding PWAs

· Define the characteris cs of PWAs, including responsiveness, offline func onality, and app-like
experiences.

· Recognize the benefits of PWAs, such as improved performance and discoverability.

Step 2: Set Up a Basic Web App
· Create a basic web applica on with HTML, CSS, and JavaScript.

· Ensure the web app is responsive and accessible on different devices.

Step 3: Implement App Shell Architecture

· Design an app shell to provide a basic structure and UI for the PWA.

· Separate content from the shell for dynamic loading.

Step 4: Enable Service Workers

· Integrate a service worker to enable offline capabili es.

338
Par cipant Handbook

· Cache essen al assets for offline access and faster loading mes.

Step 5: Add a Web App Manifest

· Create a web app manifest file (manifest.json) to define the PWA's metadata.
· Include details like the app's name, icons, and theme colors.

Step 6: Ensure Responsive Design

· Implement responsive design principles to ensure the PWA adapts to various screen sizes.
· Use CSS media queries for responsive layouts.

Step 7: Implement Push No fica ons

· Enable push no fica ons by integra ng the Push API and No fica on API.
· Implement event listeners for push no fica on events.

Step 8: Test on Different Browsers

· Test the PWA on various browsers to ensure compa bility.

· Address any browser-specific issues or limita ons.

Step 9: Op mize Performance

· Op mize performance by minimizing the use of large assets and unnecessary scripts.
· Implement lazy loading for non-essen al content.
Step 10: Ensure Security
· Ensure secure communica on by serving content over HTTPS.

· Implement security best prac ces to protect against common vulnerabili es.
Step 11: Validate as a PWA
· Validate the PWA using tools like Lighthouse to ensure compliance with PWA standards.
· Address any issues iden fied during valida on.

Step 12: Deploy to a Hos ng Provider

· Deploy the PWA to a hos ng provider that supports HTTPS.
· Choose a reliable hos ng service for op mal performance.

Step 13: Test Offline Func onality

· Test the PWA's offline func onality by disconnec ng from the internet.
· Ensure that cached assets are served, and the app remains func onal.

Step 14: Promote Discoverability

· Implement strategies to promote PWA discoverability, such as registering with search engines.
· Consider adding meta tags for be er search engine op miza on (SEO).

339
 Application Developer-Web & Mobile

By following these steps, developers can build a Progressive Web Applica on (PWA) that combines the
reach of the web with the immersive experience of a na ve app. PWAs offer advantages like offline access,
faster loading, and cross-browser compa bility.

14.2.5 Different Types of Dependencies in Mobile

Application Development
In the dynamic landscape of mobile applica on development, various dependencies shape the course of
a project and influence its ul mate success. These dependencies encompass a wide range of factors that
developers, project managers, and stakeholders must carefully consider throughout the development life
cycle.
Here, we delve into the different types of dependencies associated with mobile applica on development:

Dependency
Dependency Descrip on Significance
Type

Time to Market The dura on required to develop Swi development and deployment are
and launch a mobile applica on. o en essen al for staying compe ve in
rapidly evolving markets.

Access to Device The reliance on device-specific Hardware access is crucial for crea ng
Hardware features such as cameras, GPS, feature-rich applica ons that leverage
Func onality sensors, etc. the capabili es of modern devices.

Support for 3rd Integra on with external services, Enhances the func onality and versa lity
Party APIs, or third-party so ware of the mobile app by leveraging
Integra ons components. established third-party services.

Pla orm- Variances in requirements and Ensures op mal performance and user
Specific func onali es across different experience on each pla orm while
Dependencies mobile pla orms (iOS, Android). adhering to pla orm-specific guidelines.

Network Reliance on a stable network Cri cal for apps with real- me data
Connec vity connec on for certain app synchroniza on, cloud services, or
features. content streaming.

Backend Dependency on backend servers A robust backend infrastructure is

Services for data storage, processing, and essen al for managing data, ensuring
retrieval. security, and facilita ng seamless app
opera on.

Security The requirement to adhere to Protects user data and builds trust by
Dependencies security standards and implement ensuring the confiden ality and integrity
robust security measures. of sensi ve informa on.

340
Par cipant Handbook

Compliance and Adherence to legal and industry- Mi gates legal risks and ensures that
Regula ons specific regula ons. the app aligns with industry standards
and prac ces.

User Interface Considera ons related to UI design A user-friendly interface contributes to

(UI) Design based on the target audience and posi ve user experiences, impac ng
Dependencies their preferences. the app's success.

Budgetary The influence of budget limita ons Balancing features with available
Constraints on technology choices, feature resources is crucial for project viability
priori za on, and development and successful comple on.
speed.

Recognizing and understanding these dependencies early in the development process enables teams to
make informed decisions, plan effec vely, and navigate challenges successfully. Addressing these
dependencies ensures the development of a robust, feature-rich, and user-friendly mobile applica on
that aligns with business objec ves and user expecta ons.

14.2.6 Security Standards and Configurations for Mobile

Applications
Security is a paramount concern in mobile applica on development, given the sensi ve nature of user
data and the poten al risks associated with cyber threats. Adhering to robust security standards and
configura ons is impera ve to safeguard user informa on and maintain the integrity of the applica on.
Here's an explora on of key security aspects in the context of mobile applica on development:
1. Encryp on Mechanisms:

Encryp on involves transforming sensi ve data into a coded format to prevent unauthorized access.

· Configura on: Implement end-to-end encryp on for data in transit and secure storage
mechanisms (e.g., AES encryp on) for data at rest.

· Significance: Protects user data from intercep on during transmission and unauthorized access if
the device is compromised.
2. Secure Authen ca on Prac ces:
Authen ca on verifies the iden ty of users before gran ng access to the applica on.

· Configura on: Use secure authen ca on methods such as mul -factor authen ca on (MFA) and
strong password policies.
· Significance: Mi gates the risk of unauthorized access and enhances overall account security.

341
 Application Developer-Web & Mobile

3. Authoriza on Controls:

Authoriza on ensures that users have appropriate access rights based on their roles.

· Configura on: Implement role-based access control (RBAC) and regularly audit user permissions.
· Significance: Prevents unauthorized ac ons within the applica on and protects sensi ve
func onali es from misuse.

4. Code Obfusca on and Minifica on:

Code obfusca on involves transforming code to make it challenging to understand, while minifica on
reduces code size.

· Configura on: Apply code obfusca on and minifica on techniques to deter reverse engineering.

· Significance: Enhances the security of intellectual property and protects against unauthorized
access to source code.
5. Secure Data Transmission:

Ensuring secure transmission of data between the mobile app and backend servers.
· Configura on: Use secure communica on protocols like HTTPS and TLS for data transmission.
· Significance: Guards against eavesdropping and man-in-the-middle a acks, ensuring the
confiden ality of transmi ed data.
6. Regular Security Audits and Penetra on Tes ng:
Conduc ng thorough security assessments to iden fy vulnerabili es and weaknesses.

· Configura on: Schedule regular security audits and penetra on tes ng to evaluate the
applica on's resilience to a acks.
· Significance: Iden fies and addresses poten al security loopholes, reducing the risk of
exploita on by malicious en es.

7. Secure Offline Storage:

Ensuring the security of data stored locally on the device.
· Configura on: Implement secure storage prac ces, such as encryp ng sensi ve informa on
stored on the device.

· Significance: Protects user data even when the device is offline, minimizing the impact of
poten al device compromises.

8. Secure Push No fica ons:

Ensuring that push no fica ons do not inadvertently reveal sensi ve informa on.
· Configura on: Implement secure no fica on prac ces, avoiding the inclusion of sensi ve data in
push no fica ons.

· Significance: Safeguards user privacy by preven ng exposure of confiden al informa on through

342
Par cipant Handbook

no fica ons.

9. Secure Third-Party Integra ons:

Ensuring that third-party libraries and integra ons do not introduce security vulnerabili es.
· Configura on: Regularly update third-party dependencies and assess their security posture.
· Significance: Mi gates the risk of security vulnerabili es introduced through external
components.
10. Compliance with Privacy Regula ons:
Adhering to relevant privacy regula ons and standards.

· Configura on: Stay informed about and comply with data protec on laws (e.g., GDPR, CCPA).

· Significance: Avoids legal repercussions and fosters trust by respec ng user privacy rights.
By me culously configuring and adhering to these security standards, mobile applica on developers can
create robust, secure applica ons that inspire user confidence and withstand the challenges posed by
evolving cybersecurity threats.

14.2.7 Securing Data on Mobile Devices: Encryption and

Obfuscation
Securing data on mobile devices is a cri cal aspect of mobile applica on development, ensuring the
confiden ality and integrity of sensi ve informa on stored locally. Employing encryp on and
obfusca on techniques adds layers of protec on against unauthorized access and data breaches.
Here's a prac cal guide on how to secure data on mobile devices:

1. Encryp on Implementa on:

· Objec ve: Protect sensi ve data by encryp ng it, making it unreadable without the
appropriate decryp on key.
· Steps:

o Iden fy Sensi ve Data: Determine the types of data that require encryp on, such as
user creden als, financial informa on, or personal details.
o Select Encryp on Algorithms: Choose robust encryp on algorithms (e.g., AES, RSA)
based on the specific security requirements of the applica on.

o Implement Encryp on in Code: Integrate encryp on mechanisms into the applica on

code to encrypt sensi ve data before storage.
o Secure Key Management: Safeguard encryp on keys using secure key management
prac ces to prevent unauthorized access.

343
 Application Developer-Web & Mobile

· Example (Android - Java):

// Encrypt sensi ve data before storage

String encryptedData = Encryp onU ls.encrypt(data, encryp onKey);

2. Obfusca on Techniques:
· Objec ve: Apply obfusca on to make the codebase less understandable and deter reverse
engineering a empts.

· Steps:

o Use Code Obfuscators: Leverage code obfusca on tools (e.g., ProGuard for Android) to
obfuscate the applica on's bytecode.
o Rename Classes and Methods: Change the names of classes, methods, and variables to
obscure the code's logic and purpose.
o Remove Debug Informa on: Strip away debug informa on to complicate the analysis of
the applica on by poten al a ackers.

o Op mize and Shrink Code: Op mize and shrink the code to reduce its size and
complexity, making it more challenging to reverse engineer.
· Example (ProGuard Configura on - Android):

# ProGuard configura on file

-op miza onpasses 5

-overloadaggressively
-repackageclasses ''

-allowaccessmodifica on
3. Secure Storage of Encrypted Data:
· Objec ve: Store encrypted data securely on the mobile device to prevent unauthorized access.
· Steps:

o U lize Secure Storage: Choose secure storage mechanisms provided by the mobile
pla orm (e.g., Android Keystore, iOS Keychain).
o Implement Secure File Storage: Encrypt files containing sensi ve data and store them in
secure directories.

o Authen cate Users for Access: Implement user authen ca on mechanisms to control
access to encrypted data.
· Example (Android - Keystore):

// Use Android Keystore for secure key storage

KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");

344
Par cipant Handbook

keyStore.load(null);
4. Regularly Update Security Measures:
· Objec ve: Stay proac ve by upda ng encryp on algorithms, obfusca on techniques, and
security prac ces.

· Steps:

o Monitor Security Best Prac ces: Stay informed about the latest best prac ces in
encryp on, obfusca on, and mobile security.
o Regularly Update Libraries: Keep encryp on libraries, obfusca on tools, and security-
related dependencies up to date.
o Conduct Security Audits: Periodically assess the applica on's security posture through
security audits and tes ng.

By combining encryp on and obfusca on, developers can for fy the security of data stored on mobile
devices, establishing a robust defense against unauthorized access and poten al security threats.

14.2.8 A/B Testing in Mobile Application Development

A/B tes ng, also known as split tes ng, is a crucial methodology in mobile applica on development for
evalua ng the performance and user response to different varia ons of features or designs. It involves
comparing two or more versions of an element to determine which one performs be er.

Here's a step-by-step demonstra on of A/B tes ng in the context of mobile applica on development:
1. Define Tes ng Objec ves:
· Objec ve: Clearly define what aspects of the applica on you want to test and improve, such as
user engagement, conversion rates, or feature preferences.

· Steps:
o Iden fy Key Metrics: Choose measurable metrics that align with the overall goals of the
applica on, such as click-through rates, user reten on, or in-app purchases.

2. Iden fy Varia ons:

· Objec ve: Create varia ons (A and B) with specific changes to test user preferences or the
effec veness of new features.
· Steps:

o Version A (Control): This is the exis ng version or the current state of the applica on.

o Version B (Variant): Introduce varia ons such as different UI designs, bu on

placements, or feature modifica ons.

345
 Application Developer-Web & Mobile

3. Implement A/B Tes ng Framework:

· Objec ve: Integrate an A/B tes ng framework or tool into the mobile applica on to track and
analyze user interac ons with the varia ons.

· Steps:

o Choose A/B Tes ng Tools: Select a reliable A/B tes ng tool suitable for mobile pla orms
(e.g., Firebase A/B Tes ng, Op mizely).
o Integrate SDK: Integrate the chosen SDK into the mobile applica on codebase to enable
A/B tes ng capabili es.
4. Randomize User Assignment:

· Objec ve: Ensure unbiased results by randomly assigning users to different varia ons of the
applica on.
· Steps:

o Use Randomiza on: Implement a randomiza on algorithm within the A/B tes ng
framework to assign users to either version A or B.
5. Run the A/B Test:
· Objec ve: Collect data and insights by running the A/B test over a predetermined period.

· Steps:
o Define Test Dura on: Specify the dura on for running the A/B test, considering factors
like user traffic and sta s cal significance.

o Monitor Metrics: Con nuously monitor the selected metrics to assess how each
varia on performs.
6. Analyze Results:
· Objec ve: Analyze the collected data to determine which varia on performs be er based on
the defined metrics.

· Steps:

o Sta s cal Analysis: Use sta s cal methods to analyze the results and determine if the
observed differences are sta s cally significant.
o Iden fy Winning Varia on: Declare the varia on that outperforms others as the winning
version.
7. Implement Changes:

· Objec ve: Based on the A/B test results, implement the preferred changes in the mobile
applica on.
· Steps:

o Apply Changes: Integrate the changes from the winning varia on into the main

346
Par cipant Handbook

codebase of the mobile applica on.

o Iterate if Necessary: If further op miza on is needed, iterate the A/B tes ng process
with new varia ons.
8. Monitor Con nuous Improvement:

· Objec ve: Emphasize con nuous improvement by regularly conduc ng A/B tests and refining
the applica on based on user feedback and evolving objec ves.

· Steps:
o Regular Tes ng: Periodically conduct A/B tests for new features, updates, or
op miza ons.

o Incorporate Feedback: Act on user feedback and insights gained from A/B tes ng to
enhance the applica on con nuously.
A/B tes ng provides a systema c and data-driven approach to making informed decisions about the
features, design, and func onality of a mobile applica on, contribu ng to its overall success and user
sa sfac on.

14.2.9 Building A/B Testing Capabilities for Product and

Feature Testing
A/B tes ng is a powerful method for tes ng products and features to op mize user experiences and
achieve desired outcomes. Building A/B tes ng capabili es involves integra ng tools and frameworks
that facilitate the comparison of different varia ons. Here's a step-by-step explana on of how to build
A/B tes ng capabili es for tes ng products and features in the context of mobile applica on
development:

Fig. 14.2.3 PWA versus na ve app

1. Define Tes ng Objec ves:

347
 Application Developer-Web & Mobile

· Objec ve: Clearly define the goals and objec ves of the A/B tes ng for products and features.
· Steps:
o Iden fy Tes ng Goals: Determine what specific aspects of products or features you
want to op mize, such as user engagement, conversion rates, or feature effec veness.
2. Choose A/B Tes ng Tools:
· Objec ve: Select a reliable A/B tes ng tool that aligns with the requirements of mobile
applica on development.
· Steps:
o Research A/B Tes ng Tools: Explore available A/B tes ng tools suitable for mobile
pla orms (e.g., Firebase A/B Tes ng, Op mizely, App mize).
o Select Appropriate Tool: Choose a tool based on features, ease of integra on, and
compa bility with the mobile applica on.
3. Integrate A/B Tes ng SDK:
· Objec ve: Integrate the selected A/B tes ng tool's So ware Development Kit (SDK) into the
mobile applica on's codebase.
· Steps:
o Access SDK Documenta on: Refer to the documenta on provided by the chosen A/B
tes ng tool for integra ng the SDK.
o Follow Integra on Guidelines: Follow step-by-step guidelines to incorporate the SDK
into the applica on's source code.
4. Set Up Tes ng Environments:
· Objec ve: Configure tes ng environments to ensure that A/B tests are conducted in controlled
and consistent condi ons.
· Steps:
o Define Tes ng Environments: Create separate environments for tes ng, such as staging
or development environments, to avoid interference with the live produc on version.
o Configure Tes ng Parameters: Set up parameters within the A/B tes ng tool to control
the distribu on of varia ons in the designated environments.
5. Design A/B Test Varia ons:
· Objec ve: Create different varia ons (A and B) for the products or features under tes ng.
· Steps:
o Iden fy Product/Feature Elements: Determine the specific elements or aspects of the
product or feature to be tested.
o Implement Varia ons: Introduce varia ons in design, func onality, or content to be
tested.
6. Implement Randomiza on Algorithm:
· Objec ve: Randomly assign users to different varia ons to ensure unbiased results.

348
Par cipant Handbook

· Steps:
o Implement Randomiza on: Integrate a randomiza on algorithm within the A/B tes ng
tool to assign users randomly to either version A or B.
7. Monitor and Collect Data:
· Objec ve: Begin the A/B test and monitor user interac ons to collect relevant data.
· Steps:
o Start A/B Test: Ini ate the A/B test within the configured tes ng environment.
o Monitor Metrics: Con nuously monitor key metrics to evaluate the performance of
each varia on.
8. Analyze Test Results:
· Objec ve: Analyze the collected data to determine which varia on performs be er based on
the defined metrics.
· Steps:
o Sta s cal Analysis: Use sta s cal methods to analyze the results and iden fy any
sta s cally significant differences.
o Declare Winning Varia on: Determine the varia on that outperforms others as the
winning version.
9. Implement Changes:
· Objec ve: Apply the changes from the winning varia on to the main codebase of the mobile
applica on.
· Steps:
o Integrate Changes: Implement the successful varia ons into the produc on version of
the mobile applica on.
o Iterate if Necessary: If further op miza on is required, iterate the A/B tes ng process
with new varia ons.
10. Monitor Con nuous Improvement:
· Objec ve: Foster a culture of con nuous improvement by regularly conduc ng A/B tests for
ongoing enhancements.
· Steps:
o Regular Tes ng: Schedule regular A/B tests for new features, updates, or op miza ons.
o Incorporate Feedback: Act on user feedback and insights gained from A/B tes ng to
enhance products and features con nuously.
Building A/B tes ng capabili es enables mobile applica on developers to make data-driven decisions,
enhance user experiences, and op mize the performance of products and features.

349
 Application Developer-Web & Mobile

14.2.10 Creating and Managing Service Configurations

for Mobile Applications
Service configura ons play a crucial role in ensuring the op mal performance and func onality of mobile
applica ons. These configura ons involve managing se ngs related to external services, APIs, and other
dependencies. Here's a detailed guide on crea ng and managing service configura ons for mobile
applica ons:

· Iden fy External Services:

¨ Objec ve: Iden fy the external services, APIs, and dependencies that the mobile applica on
will integrate with.
¨ Steps:

o List Dependencies: Compile a list of external services the mobile applica on relies on,
such as databases, cloud services, authen ca on providers, etc.
o Understand Integra on Points: Gain a clear understanding of how these services
integrate with the mobile applica on.

· Create Configura on Files:

¨ Objec ve: Establish configura on files to store se ngs and parameters for each external
service.
¨ Steps:

o Define Configura on Structure: Design a structure for configura on files, considering

the parameters required for each service.
o Use Standard Formats: U lize standard formats like JSON, YAML, or XML to create
configura on files for ease of readability and maintenance.

· Store Sensi ve Informa on Securely:

¨ Objec ve: Ensure that sensi ve informa on such as API keys and creden als are stored
securely.
¨ Steps:

o Use Encryp on: Employ encryp on mechanisms to secure sensi ve data within
configura on files.
o U lize Secure Storage: Leverage secure storage op ons provided by mobile pla orms to
protect sensi ve informa on.

· Implement Environment-Specific Configura ons:

¨ Objec ve: Create configura ons that adapt to different environments (e.g., development,
tes ng, produc on).

¨ Steps:

350
Par cipant Handbook

o Differen ate Environments: Iden fy environment-specific parameters and se ngs.

o Implement Environment Variables: Use environment variables or configura on profiles

to manage environment-specific configura ons.
· Version Control Configura on Files:

¨ Objec ve: Manage and version-control configura on files to track changes and ensure
consistency.
¨ Steps:
o Include in Version Control: Add configura on files to the version control system (e.g.,
Git).

o Document Changes: Provide clear documenta on for changes made to configura ons,
including version informa on.

· Leverage Mobile Pla orm Features:

¨ Objec ve: U lize features provided by mobile pla orms for managing configura ons.
¨ Steps:
o Explore Pla orm-Specific Tools: Inves gate tools and features offered by the mobile
pla orm (e.g., iOS Se ngs.bundle, Android Resources) to manage configura ons.
o Integrate with Mobile Pla orm Services: Integrate configura ons with services
provided by the mobile pla orm for efficient management.

· Implement Remote Configura on Updates:

¨ Objec ve: Enable remote updates for configura ons to facilitate dynamic adjustments
without app updates.
¨ Steps:

o Set Up Remote Configura on Service: Implement a remote configura on service that

allows updates without app releases.
o Define Update Policies: Establish policies for when and how configura ons should be
updated remotely.

· Test Configura ons:

¨ Objec ve: Test configura ons thoroughly to ensure accurate integra on with external
services.
¨ Steps:

o Conduct Unit Tes ng: Perform unit tes ng to validate individual configura ons.

o Integra on Tes ng: Test configura ons in conjunc on with the mobile applica on to
verify seamless integra on.

351
 Application Developer-Web & Mobile

· Monitor and Debug Configura ons:

¨ Objec ve: Implement monitoring and debugging mechanisms to iden fy and resolve
configura on-related issues.
¨ Steps:
o Integrate Logging: Include logging mechanisms to capture configura on-related events
and errors.
o Implement Monitoring Tools: U lize monitoring tools to track the performance of
configura ons during run me.

· Document Configura ons:

¨ Objec ve: Maintain comprehensive documenta on for all configura ons to aid developers
and administrators.
¨ Steps:

o Create Documenta on: Document each configura on parameter, its purpose, and any
dependencies.
o Update Documenta on: Keep documenta on up-to-date with any changes made to
configura ons.

By following these steps, mobile applica on developers can effec vely create and manage service
configura ons, ensuring the seamless integra on of external services and dependencies while
maintaining security and flexibility.

14.2.11 Managing Source Code with Version Control Tools

Version control is an essen al aspect of mobile applica on development, enabling developers to track
changes, collaborate efficiently, and maintain the integrity of the source code. Below is a demonstra on
on how to manage source code using version control tools:
· Choose a Version Control System:

¨ Objec ve: Select a version control system (VCS) suitable for mobile applica on development.

¨ Steps:
o Research VCS Op ons: Explore popular version control systems like Git, Mercurial, or
SVN.

o Choose Based on Requirements: Select a VCS that aligns with the project's collabora on
needs and workflow.
· Set Up a Version Control Repository:

¨ Objec ve: Create a repository to host the source code and facilitate collabora on.

352
Par cipant Handbook

¨ Steps:

o Host Repository: Use pla orms like GitHub, GitLab, or Bitbucket to host the version
control repository.
o Ini alize Repository: Ini alize the repository with an ini al commit, o en containing
the project's ini al codebase.

· Clone the Repository:

¨ Objec ve: Clone the repository to create a local copy on the developer's machine.
¨ Steps:

o Copy Repository URL: Obtain the URL of the hosted repository.

o Clone Repository: Use the VCS command-line or a graphical interface to clone the
repository locally.

· Branching and Merging:

¨ Objec ve: Create branches for feature development and merge changes back into the main
codebase.
¨ Steps:

o Create Branches: Create branches for new features or bug fixes using commands like git
branch.
o Merge Changes: Integrate changes from branches back into the main branch using
commands like git merge.

· Commi ng Changes:

¨ Objec ve: Commit changes locally before pushing them to the central repository.
¨ Steps:

o Stage Changes: Use commands like git add to stage modified files.

o Commit Changes: Commit staged changes with a descrip ve message using commands
like git commit.

· Pushing Changes to the Repository:

¨ Objec ve: Share commi ed changes with the central repository.

¨ Steps:
o Push Changes: Use commands like git push to upload local commits to the central
repository.
o Verify Updates: Ensure that the central repository reflects the latest changes made
locally.

· 7. Pulling Changes from the Repository:

353
 Application Developer-Web & Mobile

¨ Objec ve: Update the local codebase with changes made by other developers.

¨ Steps:

o Pull Changes: Use commands like git pull to fetch and merge changes from the central
repository.
o Resolve Conflicts: Address any conflicts that may arise during the pull process.

· Tagging Releases:
¨ Objec ve: Create tags to mark specific releases or milestones in the project.
¨ Steps:

o Tag Releases: Use commands like git tag to create tags for significant releases.
o Push Tags: Share tags with the central repository using commands like git push --tags.
· Collabora on and Code Reviews:

¨ Objec ve: Facilitate collabora on by incorpora ng code review prac ces.

¨ Steps:
o Create Pull Requests: Ini ate pull requests for proposed changes.

o Review Code: Collaborate with team members to review and discuss proposed changes.

· Con nuous Integra on Integra on:

¨ Objec ve: Integrate version control with con nuous integra on (CI) systems.

¨ Steps:

o Connect CI Services: Configure CI services to monitor the version control repository.

Automate Builds and Tests: Set up automated build and tes ng processes triggered by
o
code changes.
By following these steps, developers can effec vely manage source code using version control tools,
promo ng collabora on, and ensuring a well-documented and controlled development workflow.

14.2.12 Exploring Popular App Stores

Mobile applica ons are distributed through various app stores, each with its unique characteris cs and
user base. Let's delve into popular app stores and understand their significance in the mobile applica on
development landscape:

· Google Play Store:

o Overview: Operated by Google, the Play Store is the primary app distribu on pla orm for
Android devices.

o Developer Console: Developers use the Google Play Console to publish and manage their

354
Par cipant Handbook

Android applica ons.

o Global Reach: Widely accessible, the Play Store caters to a diverse global audience of
Android users.

o Mone za on: Offers various mone za on op ons, including in-app purchases and
subscrip on models.

· Apple App Store:

o Overview: Managed by Apple, the App Store is the official distribu on pla orm for iOS
applica ons.
o Xcode Integra on: iOS developers use Xcode and the Apple Developer Program for app
submission.

o Quality Control: Stringent app review processes ensure quality and security standards.
o Ecosystem Integra on: Apps are ghtly integrated with the iOS ecosystem, providing a
seamless user experience.

· Microso Store:
o Overview: The Microso Store serves as the app distribu on pla orm for Windows
applica ons across devices.

o Universal Windows Pla orm (UWP): Developers can create UWP apps compa ble with
various Windows devices.
o Windows App Cer fica on Kit: Ensures apps meet Windows quality and performance
standards.

o Integra on with Windows 10: Apps contribute to the Windows 10 ecosystem and support
features like Live Tiles.
· Amazon Appstore:

o Overview: Amazon's Appstore offers Android applica ons and is available on Kindle Fire
and other Android devices.
o Amazon Developer Console: Developers use this pla orm to publish and manage their
apps for Amazon devices.

o In-App Purchases: Supports in-app purchases and integra on with Amazon services.
o Amazon Underground: Featured apps may be eligible for inclusion in Amazon
Underground, offering unique mone za on op ons.

· Samsung Galaxy Store:

o Overview: Specifically for Samsung devices, the Galaxy Store provides applica ons and
services.

o Samsung Developer Program: Developers can leverage the Samsung Developer Program

355
 Application Developer-Web & Mobile

for app crea on and distribu on.

o Device Op miza on: Apps can be op mized for Samsung's unique hardware features.

o Galaxy Themes: Includes a sec on for themes, wallpapers, and other customiza on
op ons.
· Huawei AppGallery:
o Overview: Huawei's App Gallery is the official app distribu on pla orm for Huawei
devices.

o HMS Core: Developers integrate Huawei Mobile Services (HMS) Core for addi onal
func onali es.

o Global Expansion: Focuses on global expansion, with an emphasis on markets outside

China.
o Alterna ve to Google Play: Becoming a significant player, especially in regions where
Google services may be limited.

Understanding the nuances of each app store is crucial for developers, as it influences distribu on, reach,
and the overall success of a mobile applica on. Developers may choose to publish their apps on mul ple
stores to maximize visibility and cater to diverse user bases.

14.2.13 Publishing Mobile Applications on App Stores

Publishing a mobile applica on on app stores involves a series of steps to make the app accessible to users
worldwide. Let's explore the general process for publishing on popular app stores:
· Google Play Store (Android):

¨ Create a Developer Account:

o Sign up for a Google Play Developer account.

o Pay a one- me registra on fee.
¨ Prepare App Assets:

o Ensure your app complies with Google Play policies.

o Prepare app assets such as icons, screenshots, and promo onal graphics.
¨ Use the Google Play Console:

o Log in to the Google Play Console.

o Complete the required informa on about your app.
¨ Upload APK (Android Package):

o Upload the compiled APK file of your Android app.

356
Par cipant Handbook

o Set up pricing and distribu on op ons.

· Submit for Review:

o Submit your app for review by the Google Play team.

o Await approval before the app becomes live.
· Apple App Store (iOS):

¨ Enroll in the Apple Developer Program:

o Enroll in the Apple Developer Program on the Apple Developer website.
¨ Prepare App for Submission:

o Ensure your app adheres to Apple's App Store Review Guidelines.

o Prepare app assets, including screenshots, icons, and a detailed descrip on.
¨ Use Xcode for Submission:

o Use Xcode, Apple's integrated development environment, to archive and submit your
app.
o Set up pricing, availability, and other app details.

¨ App Review Process:

o oApple conducts a thorough review of the app for compliance and quality.
o oOnce approved, the app is published on the App Store.
· Microso Store (Windows):

¨ Join the Microso Developer Program:

o oJoin the Microso Developer Program on the Microso Developer website.
¨ Package and Distribute:

o oPackage your Windows app using the Universal Windows Pla orm (UWP).
o oDistribute through the Microso Store.
¨ App Cer fica on:

o Run your app through the Windows App Cer fica on Kit for quality assurance.

o Address any issues iden fied during the cer fica on process.
¨ Submit to the Microso Store:

o Submit your app through the Microso Partner Center.

o Set pricing, availability, and maazon Appstore:

¨ Create a Developer Account:

o Register for an Amazon Developer account on the Amazon Developer website.

357
 Application Developer-Web & Mobile

¨ Prepare App for Submission:

o Ensure your app meets Amazon's Appstore Submission Policies.
o Prepare app assets, including icons and screenshots.

¨ Use the Developer Console:

o Log in to the Amazon Developer Console.

o Submit your app, set pricing, and manage distribu on op ons.

¨ Review and Publica on:

o Amazon reviews the app for quality and compliance.

o Once approved, the app is published on the Amazon Appstore.

The specific steps may vary for different app stores, but the fundamental process involves crea ng
accounts, preparing app assets, submi ng through a developer console, undergoing review, and
managing the app's details. Developers should stay informed about each app store's guidelines to ensure
successful publica on and visibility of their mobile applica ons.

14.2.14 Building Test Cases for Pre-launch Testing of

Mobile Applications
Before launching a mobile applica on, thorough tes ng is crucial to ensure its func onality, performance,
and user experience meet the desired standards. Building effec ve test cases is an essen al part of this
process.

Below is a demonstra on of how to create test cases for pre-launch tes ng:
· Define Test Objec ves:
¨ Clearly define the objec ves of the tes ng phase.

¨ Iden fy cri cal areas such as func onality, usability, performance, and security.
· Iden fy Test Scenarios:
¨ Break down the applica on into scenarios that cover different use cases.

¨ Iden fy posi ve and nega ve scenarios to validate expected behavior.

· Create Test Cases:
¨ For each test scenario, create detailed test cases.

¨ Specify input data, expected outcomes, and steps to execute the test.
¨ Example: Login Func onality Test Case
o Test Objec ve: Ensure users can log in successfully.

o Test Steps:

358
Par cipant Handbook

§ Open the mobile app.

§ Navigate to the login screen.

§ Enter valid login creden als.

§ Click the login bu on.

§ Verify successful login and correct redirec on.

¨ Example: Data Input Valida on Test Case
o Test Objec ve: Validate the input of user registra on data.

o Test Steps:
§ Open the registra on screen.
§ Enter invalid data (e.g., incorrect email format).

§ Submit the registra on form.

§ Verify the app displays appropriate error messages.
§ Correct the input and re-submit.

· Priori ze Test Cases:

o Priori ze test cases based on their impact on the applica on.
o Focus on cri cal func onali es and high-risk areas first.

· Leverage Automa on for Repe ve Tests:

o For repe ve and regression tests, consider using automa on tools.

o Write automated scripts to execute test cases efficiently.

· Perform Integra on Tes ng:

o Test the interac on between different components and modules.

o Verify seamless data flow and communica on.

· Test Across Various Devices and Pla orms:

o Ensure compa bility by tes ng on different devices (Android, iOS) and pla orms.
o Address device-specific challenges and varia ons.
· Security Tes ng:

o Implement security-focused test cases to iden fy vulnerabili es.

o Check for secure data transmission, storage, and handling.
· Usability Tes ng:

o Evaluate the app's user interface and overall user experience.

359
 Application Developer-Web & Mobile

o Test naviga on, accessibility, and responsiveness.

· Performance Tes ng:

o Assess the app's performance under various condi ons (e.g., low network, high load).

o Iden fy and address poten al bo lenecks.

· Collaborate with Stakeholders:

o Share test cases with stakeholders to gather feedback.
o Iterate on test cases based on feedback and changing requirements.

· Document Test Results:

o Record the outcomes of each test case.
o Document any issues encountered, providing details for developers.

By systema cally crea ng and execu ng test cases, developers can ensure the mobile applica on is
robust, user-friendly, and ready for a successful launch. Regular tes ng itera ons and collabora on with
stakeholders contribute to the overall quality of the applica on.

14.2.15 Running Unit Tests on Different Units of a

Mobile Application
Unit tes ng is a crucial aspect of mobile applica on development, involving the evalua on of individual
units or components to ensure they func on as expected. Let's demonstrate how to run unit tests on
different units of a mobile applica on:

· Set Up Unit Tes ng Framework:

o Choose a unit tes ng framework suitable for the mobile pla orm (e.g., JUnit for Android,
XCTest for iOS).

o Integrate the unit tes ng framework into the development environment.

· Iden fy Units for Tes ng:
o Iden fy individual units or components within the mobile applica on that need tes ng.

o Units can include func ons, classes, methods, or modules.

· Write Unit Test Cases:
o Develop unit test cases for each iden fied unit.

o Focus on tes ng the func onality, input valida on, and edge cases.

Example: Tes ng a Login Module

o Test Case: Verify that the login module handles valid and invalid creden als appropriately.

360
Par cipant Handbook

func testValidLogin() {
let loginResult = LoginModule.login(username: "validUser", password: "validPassword")

XCTAssertTrue(loginResult, "Login with valid creden als should succeed.")

}
func testInvalidLogin() {

let loginResult = LoginModule.login(username: "invalidUser", password: "invalidPassword")

XCTAssertFalse(loginResult, "Login with invalid creden als should fail.")

}

· Run Unit Tests Locally:

o Execute unit tests directly within the development environment.

o Observe the test results and iden fy any failures.

· U lize Emulators/Simulators:

o Use emulators (Android) or simulators (iOS) to run unit tests on virtual devices.
o Ensure compa bility with different device configura ons.
· 6. Integrate with Con nuous Integra on (CI) Tools:

o Integrate unit tests into CI tools like Jenkins, Travis CI, or GitHub Ac ons.
o Automate the execu on of unit tests with each code commit.
· Monitor Code Coverage:

o ·Track code coverage to ensure that unit tests adequately cover the applica on's codebase.
o ·Iden fy areas with low coverage for further tes ng.
· Evaluate Performance of Units:

o Assess the performance of individual units, ensuring they meet response me

expecta ons.
o Iden fy and address performance bo lenecks.

· Test Excep on Handling:

o Include test cases that evaluate the applica on's response to excep ons or error
condi ons.
o Ensure proper error handling within units.

· Collaborate with Developers:

o Share unit test results with developers.
o Collaborate on resolving any iden fied issues or failures.

361
 Application Developer-Web & Mobile

· Run Tests on Different Environments:

o Test units on various environments, considering factors like network condi ons and device
specifica ons.

o Validate consistent behavior across different setups.

· Integrate with Version Control:

o Incorporate unit tests into version control prac ces.

o Ensure that unit tests accompany code changes in the version control system.
By following these steps, developers can systema cally run unit tests on different units of a mobile
applica on. Regularly conduc ng unit tes ng contributes to the overall reliability and maintainability of
the mobile applica on.

14.2.16 Automating Testing Using Appium for Mobile

Applications
Automa ng tes ng processes is essen al for ensuring the robustness and efficiency of mobile
applica ons. Appium, a widely used open-source automa on framework, facilitates automated tes ng
for various mobile pla orms. Let's demonstrate how to automate tes ng using Appium:

· Install Appium:
o Download and install Appium on the development machine.

o Set up dependencies, such as Node.js and Appium Server.

· Set Up Appium Project:

o Ini alize a new Appium project using a preferred programming language (e.g., Java, Python,
JavaScript).

o Configure project se ngs and dependencies.

· Connect Mobile Device/Emulator:
o Connect the mobile device or emulator to the development machine.

o Ensure that USB debugging is enabled for Android devices.

· Iden fy Mobile Applica on Elements:
o Iden fy the elements (bu ons, text fields, etc.) in the mobile applica on to interact with
during tes ng.

o Use Appium Inspector or other tools to inspect elements.

· Write Appium Test Scripts:

o Develop test scripts using the chosen programming language and Appium libraries.

362
Par cipant Handbook

· U lize Appium's commands to interact with mobile applica on elements.

Example: Automa ng Login Scenario

// Java Example using TestNG
@Test

public void testLogin() {

// Find username and password fields

MobileElement usernameField = driver.findElement(By.id("username"));

MobileElement passwordField = driver.findElement(By.id("password"));

// Enter creden als

usernameField.sendKeys("user123");

passwordField.sendKeys("pass123");

// Find and click the login bu on

MobileElement loginBu on = driver.findElement(By.id("loginBu on"));

loginBu on.click();

// Assert login success based on the expected result

Assert.assertTrue(driver.findElement(By.id("welcomeMessage")).isDisplayed());
}

· Configure Desired Capabili es:

o Specify desired capabili es to define the tes ng environment (device, pla orm, app path,
etc.).

o Ensure accurate configura on for both Android and iOS.

· Run Appium Tests:

o Execute Appium tests locally on the development machine.

o Observe the test execu on on the connected mobile device or emulator.

· Implement Test Asser ons:

o Include asser ons in test scripts to validate expected outcomes.

o Ensure that the applica on behaves as intended during automated interac ons.

· Integrate with Con nuous Integra on (CI) Tools:

o Incorporate Appium tests into CI tools like Jenkins, Travis CI, or GitLab CI.
o Automate the execu on of Appium tests with each code commit.

363
 Application Developer-Web & Mobile

· Monitor Test Results:

o Monitor test results and iden fy any failures or issues.

o Generate test reports for comprehensive result analysis.
· Scale Tes ng for Different Devices:

o Extend test coverage by scaling tests to run on various devices and emulators.

o Validate applica on compa bility across different screen sizes and resolu ons.
· Maintain Test Scripts:

o Regularly update test scripts to accommodate changes in the applica on.

o Maintain synchroniza on between applica on updates and corresponding test scripts.

Automa ng tes ng with Appium streamlines the tes ng process, enhances test coverage, and
contributes to the overall reliability of mobile applica ons. Regularly conducted automated tests ensure
that new features or changes do not introduce regressions or break exis ng func onality.

364
Par cipant Handbook

Exercise
Answer the following ques ons:
Short Ques ons:
1. What is the dis nc on between func onal and non-func onal requirements in mobile
applica on development?
2. Why are user experience requirements crucial in mobile applica on development?
3. Explain the significance of developing a cross-pla orm mobile applica on.
4. In what scenarios is building a Progressive Web Applica on (PWA) advantageous?
5. What are the different types of dependencies associated with mobile applica on development?
Fill-in-the-Blanks:
1. A/B tes ng involves comparing two versions of a product or feature to determine which
performs __________.
a. worse
b. be er
2. Managing service configura ons for mobile applica ons involves crea ng and overseeing
se ngs for __________.
a. hardware components
b. applica on services
3. Version control tools help in efficiently managing changes to the __________ of a mobile
applica on.
a. user interface
b. source code
4. App-stores serve as pla orms for users to download and install __________ applica ons.
a. web
b. mobile
5. Running unit tests on different units of the mobile applica on ensures __________ func onality.
a. isolated
b. interconnected
True/False Ques ons:
1. Security standards and configura ons are essen al for protec ng mobile applica ons from
vulnerabili es.
2. A Progressive Web Applica on (PWA) requires installa on from an app-store to func on on
mobile devices.
3. Automated tes ng using tools like Selenium and Appium is beneficial for ensuring 18
4. A/B tes ng involves comparing mul ple versions of a product simultaneously.
5. Managing source code with version control tools facilitates collabora on among development
teams and ensures code integrity.

365
 Application Developer-Web & Mobile

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/sRjuAb2UZg8
Deployment of Mobile Applica ons

366
Par cipant Handbook

367
15. Back-end Engineering
Elective - 3

Unit 15.1 - Back-end Engineering

SSC/N8416
Par cipant Handbook

Key Learning Outcomes

At the end of this module, you will be able to:

1. Explain what back-end engineering is and how to demarcate between font-end and back-end
responsibili es
2. Discuss how to iden fy the scope of back-end opera ons and func onali es
3. Design and develop server end-points to connect back- end servers with the client

4. Develop stubs for upstream and backstream

5. List the different types of back-end applica on dependencies (such as Databases, Caching,
Messaging Queues, Web services, HTTP APIs etc.)

6. Demonstrate how to map applica on dependencies

7. Create databases using different Database Management Systems (DBMS)
8. Demonstrate how to integrate database management systems with different sub-systems

9. Explain what is caching and discuss popular caching solu ons

10. Explain what message queues are and why are they used
11. Demonstrate how to create micro-services

12. Demonstrate how to create reusable RESTful and secure APIs

13. Document the func onali es of backend APIs

14. Explain how to build scalable and reliable back-end systems

15. Discuss how to scale applica ons horizontally using auto-scaling and load balancing solu ons

16. Demonstrate how to deploy back-end systems on cloud pla orms (such as AWS, Azure etc.)
17. Explain how to manage security configura ons of back-end applica ons
18. Demonstrate how to encrypt data in transit and data at rest

19. Discuss the concepts of Iden ty and Access Management (IAM)

20. Examine how to test back- end func onalist using scripts

369
 Application Developer-Web & Mobile

Unit 15.1 Back-end Engineering

Unit Objectives
At the end of this unit, you will be able to:
1. Explain what back-end engineering is and how to demarcate between font-end and back-end
responsibili es

2. Discuss how to iden fy the scope of back-end opera ons and func onali es
3. List the different types of back-end applica on dependencies (such as Databases, Caching,
Messaging Queues, Web services, HTTP APIs etc.)

4. Design and develop server end-points to connect back- end servers with the client
5. Develop stubs for upstream and backstream
6. Demonstrate how to map applica on dependencies

7. Create databases using different Database Management Systems (DBMS)

8. Demonstrate how to integrate database management systems with different sub-systems
9. Explain what is caching and discuss popular caching Solu ons

10. Explain what message queues are and why are they used

11. Demonstrate how to create micro-services

12. Demonstrate how to create reusable RESTful and secure APIs

13. Document the func onali es of backend APIs

14. Explain how to build scalable and reliable back-end systems

15. Discuss how to scale applica ons horizontally using auto-scaling and load balancing solu ons

16. Demonstrate how to deploy back-end systems on cloud pla orms (such as AWS, Azure etc.)

17. Explain how to manage security configura ons of back-end applica ons
18. Demonstrate how to encrypt data in transit and data at rest
19. Discuss the concepts of Iden ty and Access Management (IAM)

20. Examine how to test back- end func onalist using scripts

15.1.1 Back-end Engineering

Back-end engineering involves the development and maintenance of the server-side components of a
so ware applica on. Back-end engineers focus on building the server logic, databases, APIs (Applica on
Programming Interfaces), and other infrastructure that enable the func onality and communica on
between the server and client-side components. They work to ensure data storage, retrieval, and

370
Par cipant Handbook

processing are efficient, and that the applica on func ons reliably. Back-end engineering is cri cal for
handling business logic, authen ca on, and server-side opera ons that contribute to the overall
performance and func onality of web and mobile applica ons.
Front-End Responsibili es Vs. Back-End Responsibili es

Aspect Front-end Development Back-end Development

Focus User Interface and User Server-Side Logic and Data

Experience Management

Languages HTML, CSS, JavaScript Java, Python, Ruby, PHP, Node.js,

C#, etc.

Responsibili es Design, User Interac on, Client- Server Logic, Database

Side Logic Management, API Development

User Interac on Manages UI, Responsiveness, User Processes User Requests, Executes
Experience Business Logic

Presenta on Deals with how informa on is Handles Data Processing and

Layer displayed Retrieval

Data Storage Limited to Local Storage and Manages Databases, Ensures Data
Caching Integrity and Security

Communica on Requests and Communicates with Receives and Processes Requests

the Server from the Front-end

Security Focus on Client-Side Security Implements Server-Side Security

Measures Measures

Frameworks React, Angular, Vue Express, Django, Flask, Ruby on

Rails, ASP.NET

Table 15.1.1 Difference between Front-End and Back-End

15.1.2 Scope of Back-End Operations

· Iden fying the scope of back-end opera ons and func onali es is a cri cal step in the
development process, as it sets the founda on for building a robust and efficient server-side
infrastructure. Here are steps to help iden fy and define the scope of back-end opera ons:
· Understand Business Requirements: Start by thoroughly understanding the business
requirements and objec ves of the applica on. Engage with stakeholders, including product
managers and business analysts, to gather insights into the desired func onality and overall goals.

371
 Application Developer-Web & Mobile

· Define User Stories: Break down the high-level requirements into specific user stories that
represent dis nct features or func onali es. User stories help in iden fying the specific ac ons
and opera ons that the back-end must support.
· Map Front-End Interac ons: Analyze the front-end components, such as user interfaces and
interac ons, to iden fy the corresponding back-end opera ons. Consider how user ac ons on the
front-end translate into server-side opera ons, data processing, and responses.
· Iden fy Data Requirements: Determine the data that needs to be managed by the back-end.
Iden fy the types of data, their rela onships, and how they should be stored, retrieved, and
manipulated. This includes considera ons for databases, data models, and data integrity.

· Consider Authen ca on and Authoriza on: Define the authen ca on and authoriza on
mechanisms required for the applica on. Iden fy how users will be authen cated, what roles and
permissions they will have, and how access to resources will be controlled.

· Outline Business Logic: Specify the business logic that needs to be implemented on the server
side. This involves understanding the rules, calcula ons, and processes that drive the applica on's
core func onality. Break down complex logic into manageable components.

· API Design and Endpoints: Design the applica on programming interfaces (APIs) that will expose
back-end func onality to the front-end and external services. Iden fy the endpoints, HTTP
methods, and data formats that will be used for communica on.
· Performance Considera ons:Consider performance requirements and constraints. Iden fy
poten al bo lenecks, such as heavy database queries or resource-intensive opera ons, and plan
for op miza on strategies.
· Error Handling and Logging: Define how the back-end will handle errors and excep ons. Establish
logging mechanisms to capture relevant informa on for troubleshoo ng and monitoring. Ensure
that error responses provide meaningful feedback to the front-end.

15.1.3 Back-End Application Dependencies

Back-end applica ons o en rely on various dependencies to perform their opera ons efficiently and
effec vely. Here are different types of back-end applica on dependencies:
· Databases: Databases are crucial for storing and retrieving data. They come in various types,
including rela onal databases (e.g., MySQL, PostgreSQL), NoSQL databases (e.g., MongoDB,
Cassandra), and in-memory databases (e.g., Redis).
· Caching Systems: Caching systems store frequently accessed data in memory to reduce response
mes. Popular caching systems include Redis and Memcached.

372
Par cipant Handbook

· Messaging Queues: Messaging queues facilitate communica on between different components

of an applica on. They help decouple processes and enable asynchronous communica on.
Examples include RabbitMQ and Apache Ka a.

· Web Services: Web services allow communica on and data exchange over the internet. This can
include RESTful APIs, SOAP services, or other web-based protocols that enable interac ons
between different systems.

· HTTP APIs: HTTP APIs (Applica on Programming Interfaces) provide a way for different so ware
applica ons to communicate over the Hypertext Transfer Protocol (HTTP). These APIs can be
RESTful or follow other architectural styles.
· External APIs: Back-end applica ons o en integrate with external APIs provided by third-party
services. These could include payment gateways, social media APIs, geoloca on services, and
more.
· Authen ca on and Authoriza on Services: Services that handle user authen ca on and
authoriza on, ensuring secure access to resources. Examples include OAuth providers or custom
authen ca on services.
· File Storage Systems: Back-end applica ons o en need to store and retrieve files. File storage
systems, such as Amazon S3 or Azure Blob Storage, provide scalable and reliable storage solu ons.

· Search Engines: Search engines help in efficiently searching and retrieving data. Elas csearch and
Apache Solr are examples of search engines commonly used in back-end applica ons.
· Monitoring and Logging Services: Services for monitoring applica on performance, tracking
errors, and logging relevant informa on. Examples include ELK Stack (Elas csearch, Logstash,
Kibana) and Sentry.
· Task Queues: Task queues manage the execu on of background tasks asynchronously. This is
useful for handling me-consuming processes without affec ng the main applica on flow. Celery
is a popular task queue.

· Containeriza on and Orchestra on: Containeriza on pla orms like Docker and orchestra on
tools like Kubernetes are dependencies for managing the deployment and scaling of applica ons
in a consistent and efficient manner.

· Authen ca on and Authoriza on Libraries: Libraries and frameworks that assist in implemen ng
secure authen ca on and authoriza on processes within the back-end code. Examples include
Passport.js for Node.js applica ons.

· Payment Processors: Integra on with payment processors and gateways to handle financial
transac ons securely. Examples include Stripe, PayPal, and Braintree.
· Analy cs Services: Services that collect and analyze data to provide insights into applica on usage
and performance. Google Analy cs and Mixpanel are examples of analy cs services.

373
 Application Developer-Web & Mobile

· Content Delivery Networks (CDNs): CDNs help in delivering content, such as images and sta c
files, more efficiently by caching and distribu ng it across mul ple servers globally. Examples
include Cloudflare and Akamai.

15.1.4 Develop server end-points

Designing server endpoints involves defining the routes or URLs that the client can use to interact with
the back-end server. Below are examples of designing server endpoints for a hypothe cal task
management applica on:
Assuming the base URL for API is h ps://api.example.com.

1. Get All Tasks

· Endpoint: GET /tasks
· Descrip on: Retrieve a list of all tasks.

· Example Response:

json

[
{
"id": 1,
" tle": "Complete Project Proposal",
"status": "In Progress"
},
{
"id": 2,
" tle": "Review Code Changes",
"status": "Pending"
}
]

2. Get a Specific Task

· Endpoint: GET /tasks/{taskId}

· Descrip on: Retrieve details of a specific task.

· Example Response:

375
374
Par cipant Handbook

json

[
{
"id": 1,
" tle": "Complete Project Proposal",
"descrip on": "Finish dra ing the project proposal document.",
"status": "In Progress",
"dueDate": "2024-02-15"
}

3. Create a New Task

· Endpoint: POST /tasks

· Descrip on: Create a new task.

· Request Body:

json

{
" tle": "Prepare Presenta on",
"descrip on": "Create slides for the upcoming project presenta on.",
"dueDate": "2024-03-01"
}

· Example Response:

json

{
"id": 3,
" tle": "Prepare Presenta on",
"status": "Pending"
}

4. Update Task Status

· Endpoint: PUT /tasks/{taskId}/status

· Descrip on: Update the status of a task.

· Request Body:

json

{
"status": "Completed"
}

75
 Application Developer-Web & Mobile

· Example Response:

json

{
"status": "Completed"
}

5. Delete a Task
· Endpoint: DELETE /tasks/{taskId}

· Descrip on: Delete a specific task.

· Example Response:

json

{
"message": "Task deleted successfully."
}

15.1.5 Stubs
Stubs are placeholders or mock implementa ons that simulate the behavior of actual components in a
so ware system. They are par cularly useful for development and tes ng when certain components are
not yet available or are undergoing development. In the context of upstream and downstream
components, upstream refers to components that provide data or services to your system, while
downstream refers to components that consume data or services from your system.
· Upstream Stub: The upstream stub simulates the behavior of components or services that your
system relies on. It provides a way for your system to receive data or responses as if it were
interac ng with the actual upstream services.

python

# Example Upstream Stub (Python Flask)

from flask import Flask, jsonify
app = Flask(__name__)

@app.route('/data', methods=['GET'])
def get_upstream_data():
# Simulate data from the upstream service
data = {"id": 123, "name": "Upstream Data"}
return jsonify(data)
if __name__ == '__main__':
app.run(port=5001)

377
Par cipant Handbook

In this example, the stub provides an endpoint '/data' that returns simulated data when your
system requests it.

· Downstream Stub: The downstream stub simulates the behavior of components or services that
consume data or services from your system. It allows your system to send responses as if it were
interac ng with the actual downstream components.

python

# Example Downstream Stub (Python Flask)

from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/process', methods=['POST'])
def process_downstream_request():
# Simulate processing of data from your system
request_data = request.get_json()
processed_data = {"id": request_data.get("id"), "status": "Processed"}
return jsonify(processed_data)

if __name__ == '__main__':
app.run(port=5002)

In this example, the stub provides an endpoint '/process' that simulates processing data received from
your system and returns a response.

15.1.6 Mapping Application Dependencies

Mapping applica on dependencies involves iden fying and visualizing the rela onships between
different components or services in a so ware system. This is crucial for understanding how these
components interact with each other. Here's a demonstra on of how to map applica on
dependencies:
1. Iden fy Components: List all the components, services, databases, and external systems that your
applica on depends on or interacts with.

2. Define Rela onships: For each component, iden fy its dependencies and how it interacts with
other components. Common types of rela onships include data flow, API calls, messaging, and
dependencies on external services.

3. Create a Dependency Diagram: Use a diagramming tool or draw a visual representa on of the
applica on dependencies. You can use tools like draw.io, Lucidchart, or even pen and paper.

378
 Application Developer-Web & Mobile


In the diagram:
· Boxes represent components or services.
· Arrows represent the direc on of dependency or interac on.
· Labels on arrows describe the type of rela onship (e.g., HTTP, Database Query).
4. Specify Dependency Types: Differen ate between various types of dependencies. For example:
· HTTP/API Dependencies: Represented by arrows indica ng API calls between
components.
· Database Dependencies: Indicate dependencies on databases.
· Message Queues: Show interac ons via message queues.
· External Services: Highlight dependencies on external services.
5. Document Dependencies:
Add documenta on or notes to explain the nature of each dependency. Include details such as API
endpoints, database schemas, and any relevant configura on parameters.
6. Color Code or Group Components:
Use colors or grouping to visually categorize components. For example, group all database-related
components in one color, external services in another, and so on.
7. Update Regularly:
Keep the dependency diagram up-to-date as the applica on evolves. Update it whenever new
dependencies are introduced or exis ng ones are modified.
Example Dependency Diagram:

sql

+-------------+
| Front-end |
+------+------+
|
+------v------+
| Backend |
+------+------+
|
+------v------+
| Database |
+-------------+

Front-end depends on Backend (HTTP)

Backend interacts with Database (Database Query)

In this simple example:

· The front-end interacts with the back-end using HTTP.
· The back-end communicates with the database through database queries.

379
Par cipant Handbook

15.1.7 Creating New Databases

The process of installing and crea ng new databases can vary depending on the specific database
management system (DBMS) you are using. Here's a general overview, but the steps may differ based
on the DBMS (e.g., MySQL, PostgreSQL, SQLite).
Installing and Crea ng a New Database in MySQL:
· Install MySQL:

o oDownload and install the MySQL database server from the official MySQL website
(h ps://dev.mysql.com/downloads/).
o oFollow the installa on instruc ons for your opera ng system.

· Access MySQL Shell:

o Open a command prompt or terminal window.

o Access the MySQL shell by entering the following command and providing your MySQL user
password when prompted:

m y s q-u
l y o u r_ u se rn a
-pm e

· Create a New Database:

o Once inside the MySQL shell, you can create a new database using the 'CREATE DATABASE'
statement. Replace 'your_database' with the desired database name:

CREATE DATABASE your_database;

· Select the Database:

o To work with the newly created database, use the 'USE' statement:

USE your_database;

· Creae Tables:

o oDefine the structure of your database by crea ng tables. Each table consists of columns
with specific data types. For example:

CREATE TABLE users (id INT AUTO_INCREMENT PRIMARY

KEY, username VARCHAR(50) NOT NULL, email
VARCHAR(100) NOT NULL );

380
 Application Developer-Web & Mobile

· Insert Data:
o Populate the tables with data using the 'INSERT INTO' statement:

INSERT INTO users (username, email) VALUES ('JohnDoe',

'john@example.com');

· Query the Database:

o Retrieve data from the database using the 'SELECT' statement:

SELECT * FROM users;

· Exit the MySQL Shell:

o Once you've completed your tasks, exit the MySQL shell:

EXIT;

15.1.8 Integrating Database Management Systems

Integra ng Database Management Systems (DBMS) with different sub-systems involves establishing
connec ons and communica on channels between the databases and other components or services
within a larger system. Below are general guidelines for integra ng DBMS with different sub-systems:
· Define Integra on Requirements: Clearly define the integra on requirements based on the
needs of your applica on. Iden fy the types of data interac ons required and the func onali es
that different sub-systems should perform with the database.

· Choose Integra on Pa erns: Select appropriate integra on pa erns based on your system
architecture. Common pa erns include:

o Direct Database Connec on: Sub-systems connect directly to the database using na ve
drivers.
o APIs (Applica on Programming Interfaces): Use APIs to expose data and func onali es of
the database.

o Message Queues: Implement asynchronous communica on through message queues.

381
Par cipant Handbook

· Direct Database Connec on: If sub-systems need direct access to the database, provide
connec on details, creden als, and ensure that the necessary drivers or libraries are available.

python

# Example in Python using SQLAlchemy (for rela onal databases)

from sqlalchemy import create_engine

# Replace 'mysql://' and connec on details with the appropriate database URL
engine = create_engine('mysql://user:password@localhost/mydatabase')

· API Integra on: Create APIs to expose specific func onali es or data from the database. Use
RESTful endpoints or GraphQL based on your applica on's requirements.

python

# Example in Python using Flask (for crea ng a simple API)

from flask import Flask, jsonify
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] =
'mysql://user:password@localhost/mydatabase'
db = SQLAlchemy(app)

@app.route('/api/users', methods=['GET'])
def get_users():
users = User.query.all()
return jsonify(users)

· Message Queues: Implement message queues for asynchronous communica on. Sub-systems
can send and receive messages containing data or instruc ons related to the database.

python

# Example in Python using Celery (for task queue and message passing)
from celery import Celery

celery = Celery('tasks', broker='pyamqp://guest:guest@localhost//')

@celery.task
def process_database_task(data):
# Process data or perform database opera ons
pass

382
 Application Developer-Web & Mobile

· Authen ca on and Authoriza on: Implement secure authen ca on and authoriza on

mechanisms. Ensure that sub-systems have the necessary creden als and permissions to interact
with the database.
· Logging and Monitoring: Implement logging and monitoring mechanisms to track database
interac ons. This includes logging queries, monitoring performance, and capturing errors for
analysis.

· Error Handling: Establish robust error-handling mechanisms to handle scenarios where sub-
systems encounter issues while interac ng with the database.
· Tes ng: Test the integra ons thoroughly to ensure that data flows seamlessly between the sub-
systems and the database. Conduct unit tests, integra on tests, and end-to-end tests.

15.1.9 Caching
In compu ng, a cache is a high-speed data storage layer which stores a subset of data, typically transient
in nature, so that future requests for that data are served up faster than is possible by accessing the data's
primary storage loca on.
Caching is a technique used in compu ng to temporarily store and manage frequently accessed or
computa onally expensive data in a loca on that allows for quicker access. The purpose of caching is to
improve system performance and responsiveness by reducing the me it takes to retrieve data.

Fig. 15.1.1 Caching

When a system or applica on requests certain informa on, the data is first fetched from a slower storage
loca on (such as a database, file system, or external service). Instead of fetching the same data
repeatedly, the result is stored in a cache, which is a faster, easily accessible storage area.

The next me the same informa on is needed, the system checks the cache first. If the data is found in

383
Par cipant Handbook

the cache (a cache hit), it can be retrieved quickly, avoiding the need to perform the me-consuming
opera on of fetching it from the original, slower source. If the data is not in the cache (a cache miss),
the system fetches it from the original source, stores it in the cache for future use, and then delivers it
to the reques ng component.
Caching is employed at various levels within a compu ng system, including:
· Browser Caching: Web browsers store sta c files, such as images, stylesheets, and scripts, in a
local cache to avoid downloading them with each page visit.
· Database Caching: Database systems o en use an in-memory cache to store frequently accessed
query results, reducing the need to re-run complex queries.

· Content Delivery Networks (CDNs): CDNs cache sta c content, such as images and videos, in
strategically located servers worldwide to reduce latency and accelerate content delivery to users.
· Applica on-Level Caching: Applica ons may implement caching mechanisms to store frequently
used data, calcula ons, or results in memory, enhancing overall performance.

· Object Caching: Caching can be applied at the object level within a program, where frequently
used objects or data structures are stored in memory for quick access.

15.1.10 Caching Solutions

Several popular caching solu ons are widely used in the industry to improve the performance and
responsiveness of applica ons. Each of these solu ons has its strengths and is suitable for different
use cases. Some popular caching solu ons are:

1. Memcached:

· Type: In-Memory Key-Value Store

· Memcached is a high-performance, distributed memory caching system. It stores data as key-

value pairs in RAM, making it extremely fast for read-heavy applica ons. Memcached is known
for its simplicity and ease of use. It is commonly used to cache database query results and
alleviate database load.

2. Redis:
· Type: In-Memory Data Structure Store
· Redis is a versa le, in-memory data structure store that supports various data types such as
strings, hashes, lists, sets, and more. Apart from caching, Redis is used for pub/sub messaging,
real- me analy cs, and as a persistent key-value store. It provides advanced features like data
persistence, replica on, and clustering.

384
 Application Developer-Web & Mobile

3. Varnish:

· Type: HTTP Reverse Proxy Cache

· Varnish is a web applica on accelerator and reverse proxy cache. It sits between the web
server and the client, caching sta c content to reduce server load and speed up content
delivery. Varnish is par cularly effec ve for caching HTTP requests, making it suitable for
content-heavy websites.

4. EHCache:
· Type: Java-Based Caching Library

· EHCache is a widely used, open-source caching library for Java applica ons. It provides an in-
memory cache and supports distributed caching. EHCache integrates seamlessly with Java
frameworks and can be used for caching in Hibernate, Spring, and other Java-based
applica ons.

5. Amazon Elas Cache:

· Type: Managed Cache Service

· Amazon Elas Cache is a fully managed caching service provided by AWS. It supports both
Memcached and Redis, allowing users to deploy and scale caching solu ons in the cloud.
Elas Cache is suitable for applica ons hosted on AWS, offering ease of management and
automa c scaling.

6. Microso Azure Cache for Redis:

· Type: Managed Redis Cache Service

· Azure Cache for Redis is a fully managed caching service provided by Microso Azure. It is
based on the popular Redis caching system and offers features such as high availability, data
persistence, and secure connec ons. Azure Cache for Redis is well-integrated with other Azure
services.

7. NGINX:

· Type: Web Server with Caching Capabili es

· NGINX is a high-performance web server and reverse proxy that also includes caching
capabili es. It can be configured to cache sta c content, reducing the load on applica on
servers and improving response mes. NGINX is widely used in web server configura ons to
enhance performance.

385
Par cipant Handbook

8. CDNs (Content Delivery Networks):

· Type: Distributed Network of Caching Servers

· CDNs like Cloudflare, Akamai, and Amazon CloudFront operate distributed caching servers
globally. They cache sta c content, such as images and scripts, closer to end-users, reducing
latency and improving content delivery speed. CDNs are par cularly effec ve for serving sta c
assets in web applica ons.

15.1.11 Message Queues

Message queues are communica on systems that enable the exchange of messages between different
so ware components or distributed systems. In a message queue, messages are placed in a queue and
processed asynchronously by the systems or components that subscribe to the queue. This decouples the
sender of a message from its receiver, allowing for more flexible and scalable communica on.

Some popular message queue implementa ons are: RabbitMQ, Apache Ka a, Amazon Simple Queue
Service (SQS), and Microso Azure Service Bus.

Fig. 15.1.2 Message Queues

Key Components of a Message Queue:

· Message Producer: Generates and sends messages to the message queue.

· Message Queue: Serves as an intermediary or buffer where messages are stored un l they are
consumed by a receiver.
· Message Consumer: Retrieves and processes messages from the message queue.

Use of Message Queues:

· Asynchronous Communica on: Message queues facilitate asynchronous communica on

between components. The sender and receiver do not need to be ac ve at the same me. The
sender can enqueue messages, and the receiver can process them at its own pace.

· Decoupling: Message queues decouple components by allowing them to communicate without

being directly connected. This reduces dependencies, making systems more modular and easier
to maintain and scale.

386
 Application Developer-Web & Mobile

· Scalability: Asynchronous processing and decoupling provided by message queues contribute to

be er scalability. Components can be added or removed without disrup ng the overall system.
· Load Balancing: Message queues support load balancing by distribu ng the processing load
among mul ple consumers. This ensures efficient u liza on of resources and prevents
bo lenecks.
· Fault Tolerance: In case a component or system fails, messages remain in the queue un l the
receiver is available again. This enhances fault tolerance and ensures that no messages are lost.

· Interoperability: Message queues enable interoperability between systems built with different
technologies. As long as systems adhere to a common message format, they can exchange
messages seamlessly.
· Event-Driven Architecture: Message queues are a fundamental component of event-driven
architectures. They enable systems to react to events and messages, triggering specific ac ons or
workflows.
· Buffering: Message queues act as buffers, allowing systems to handle bursts of data or traffic. This
helps prevent overload situa ons and ensures smooth opera on under varying workloads.

· Logging and Audi ng: Message queues can be valuable for logging and audi ng purposes. They
provide a record of messages processed over me, aiding in tracking and monitoring system
ac vi es.

15.1.12 Micro-services
Micro-services represent an architectural and organiza onal strategy in so ware development. They
involve construc ng so ware from small, autonomous services that interact via well-defined APIs.
These services are managed by compact, self-contained teams.
· Building Microservices: Start with a Monolith: Begin by developing a monolithic applica on, a
single, cohesive unit. This simplifies the ini al development process and allows for faster itera on.

· Organize Your Teams the Right Way: Form small, self-contained teams, each responsible for
specific microservices. This organiza onal structure enhances agility, collabora on, and
accountability.

· Split the Monolith to Build a Microservices Architecture: Gradually decompose the monolith into
microservices. Iden fy dis nct func onali es, separate them into individual services, and
establish well-defined APIs for communica on.

387
Par cipant Handbook

Fig. 15.1.3 Micro-service Architecture

15.1.13 APIs
APIs, or Applica on Programming Interfaces, serve as a set of protocols and tools that enable different
so ware applica ons to communicate with each other. They define the methods and data formats that
applica ons can use to request and exchange informa on. APIs play a pivotal role in facilita ng the
integra on of diverse so ware systems, allowing them to interact seamlessly.

Fig. 15.1.4 APIs

388
 Application Developer-Web & Mobile

REST ful APIs, based on the principles of Representa onal State Transfer (REST), are a set of guidelines for
designing web services that enable communica on between systems over the internet. RESTful APIs use
standard HTTP methods (GET, POST, PUT, DELETE) to perform opera ons on resources, which are
iden fied by unique URLs.
Create Reusable RESTful and Secure APIs
· Define Clear Objec ves: Clearly define the purpose and func onality of your API. Understand the
data it will handle and the ac ons it will perform.
· Follow RESTful Principles: Design your API following RESTful principles, including resource-based
URLs, proper use of HTTP methods, and statelessness.
· Use HTTPS: Enforce secure communica on by using HTTPS to encrypt data in transit, preven ng
poten al security threats.
· Implement Authen ca on: Choose a robust authen ca on mechanism (OAuth 2.0, API keys) and
implement it to control access to your API. Ensure sensi ve opera ons require authen ca on.
· Handle Authoriza on: Implement authoriza on mechanisms, such as role-based access control
(RBAC), to manage permissions and control access to different parts of your API.
· Input Valida on: Validate and sani ze input data to prevent security vulnerabili es. Implement
strict input valida on on both client and server sides.
· Error Handling: Develop consistent error handling mechanisms. Provide meaningful error
messages, use appropriate HTTP status codes, and avoid exposing sensi ve informa on in error
responses.
· Rate Limi ng: Implement rate limi ng to prevent abuse and ensure fair usage. Define and enforce
limits on the number of requests a client can make within a specific me period.
· Documenta on: Create comprehensive API documenta on using tools like Swagger or OpenAPI.
Clearly ar culate endpoints, request/response formats, and authen ca on procedures.
· Tes ng: Conduct thorough tes ng of your API using tools like Postman or Insomnia. Perform unit
tests, integra on tests, and security assessments to iden fy and address vulnerabili es.
· Logging and Monitoring: Implement logging for API ac vi es and set up monitoring to detect
unusual pa erns or poten al security threats. Monitor for performance, errors, and security
events.
· Use JWT Tokens: Consider using JSON Web Tokens (JWT) for token-based authen ca on. JWTs
provide a compact and self-contained way to transmit informa on securely.
· CORS Configura on: Configure Cross-Origin Resource Sharing (CORS) headers appropriately to
control which domains can access your API, preven ng unauthorized cross-origin requests.
· SSL/TLS Cer ficates: Regularly update and manage SSL/TLS cer ficates for secure
communica on. Use strong encryp on algorithms to protect data integrity and confiden ality.
· Versioning: Include versioning in API to manage changes gracefully. This can be achieved through
the URL or headers.

389
Par cipant Handbook

15.1.15 Documentation of Backend API Functionalities

Documenta on of backend API func onali es is the process of systema cally recording and explaining
the features, behaviors, and usage guidelines of an API. It serves as a comprehensive guide for developers,
enabling them to understand, integrate, and u lize the API effec vely.
Process:

· Overview: Begin by providing a concise overview of the API, outlining its purpose and key
func onali es.
· Authen ca on: Clearly document the authen ca on methods required for accessing the API,
whether it involves API keys, OAuth tokens, or other mechanisms.

· Endpoint Details: List all API endpoints along with their respec ve HTTP methods (GET, POST, PUT,
DELETE), URLs, parameters, and request/response formats.
· Request Examples: Include detailed examples of valid API requests for each endpoint, specifying
headers, parameters, and request payloads.
· Response Examples: Provide examples of typical API responses, covering status codes, headers,
and response bodies. Address different scenarios and error responses.

· Data Models: Define the data models used in the API, explaining their structures, data types, and
rela onships in both request and response payloads.
· Error Handling: Document how the API handles errors, providing a comprehensive list of possible
error codes, explana ons, and recommended ac ons for developers.

· Rate Limi ng: If applicable, detail any rate-limi ng policies, including limits, me intervals, and
the behavior when those limits are exceeded.
· Security Considera ons: Offer informa on on security best prac ces, emphasizing HTTPS usage,
input valida on, and safeguards against common vulnerabili es.

· Interac ve Documenta on: If feasible, create interac ve documenta on using tools like Swagger
or OpenAPI to enable developers to explore and test the API directly within the documenta on.

15.1.15 Building Scalable and Reliable Back-End Systems

Crea ng a scalable and reliable back-end system is crucial for handling growing user loads and ensuring
consistent performance. Here's a guide on how to achieve scalability and reliability:
· Define Clear Requirements: Begin by understanding the project's current and future
requirements. Iden fy poten al areas of growth and define performance expecta ons.

· Choose the Right Architecture: Opt for a scalable architecture, such as microservices or serverless,
that allows components to scale independently. Choose technologies that align with scalability
goals.

· Distributed Systems: Design your back-end as a distributed system, enabling seamless

390
 Application Developer-Web & Mobile

communica on between components. Use message queues for asynchronous processing and
reduce interdependencies.

· Database Scalability: Choose databases that support horizontal scaling. Implement sharding,
replica on, or use NoSQL databases to distribute data efficiently.
· Caching Mechanisms: Integrate caching mechanisms to reduce database load. Use in-memory
caching or distributed caching solu ons to store frequently accessed data.
· Load Balancing: Implement load balancing to distribute incoming traffic across mul ple servers.
This prevents overloading specific instances and ensures even resource u liza on.

· Auto-Scaling: Set up auto-scaling mechanisms to dynamically adjust resources based on demand.

Use cloud pla orms to automate the scaling process for increased efficiency.
· Fault Tolerance: Design with fault tolerance in mind. Implement redundancy and failover
mechanisms to ensure uninterrupted service even if specific components fail.

· Monitoring and Analy cs: Implement robust monitoring tools to track system performance,
iden fy bo lenecks, and detect anomalies. U lize analy cs to make informed decisions about
resource alloca on.

· Scalable Storage Solu ons: Choose storage solu ons that can scale horizontally, especially for
large datasets. Cloud-based object storage or distributed file systems can be effec ve choices.
· Network Op miza on: Op mize network communica on to reduce latency. Use Content
Delivery Networks (CDNs) for sta c assets and ensure efficient communica on between services.

· Security Measures: Implement robust security measures to protect against cyber threats.
Regularly update so ware, employ encryp on, and follow security best prac ces.
· Documenta on and Knowledge Sharing: Document the architecture, scaling strategies, and
opera onal procedures. Encourage knowledge sharing within the development team to ensure
everyone understands the system's complexi es.
· Disaster Recovery Planning: Develop a comprehensive disaster recovery plan. Regularly back up
data, implement off-site backups, and have a clear strategy for system recovery in case of
unexpected events.

· Performance Tes ng: Conduct regular performance tes ng to iden fy poten al bo lenecks and
areas for improvement. Simulate high loads to ensure the system can handle peak traffic.

15.1.16 Scaling Applications Horizontally

Scaling applica ons horizontally is a fundamental strategy to handle increased demand and enhance
performance. This involves adding more compu ng resources, such as servers or instances, to a system.
Auto-scaling and load balancing solu ons are pivotal components in achieving horizontal scalability.

391
Par cipant Handbook

Auto-Scaling: Auto-scaling is the automated process of adjus ng the number of instances or servers
based on the current workload. This is typically managed by cloud providers, allowing applica ons to
dynamically scale up or down as demand fluctuates. The process involves defining policies that dictate
when to add or remove instances. Key steps include:
· Define Scaling Policies: Establish policies based on metrics like CPU u liza on, network traffic, or
custom performance indicators. Determine thresholds that trigger scaling ac ons.

· Select Scaling Mechanisms: Choose between ver cal scaling (increasing the capacity of exis ng
instances) and horizontal scaling (adding more instances). For achieving true horizontal scalability,
focus on adding more instances.
· Cloud Pla orm Integra on: Integrate with the cloud provider's auto-scaling features. Pla orms
like AWS, Azure, and Google Cloud offer na ve tools to manage auto-scaling based on predefined
condi ons.
· Monitoring and Metrics: Implement robust monitoring to track system performance. U lize
metrics to make informed decisions about scaling ac ons. Common metrics include CPU
u liza on, memory usage, and network throughput.
· Load Tes ng: Conduct load tes ng to simulate various usage scenarios. This helps define scaling
triggers accurately and ensures the system responds effec vely under different workloads.

Load Balancing: Load balancing is a technique that distributes incoming traffic across mul ple servers or
instances to ensure even resource u liza on and prevent overload on specific components. Here's a
textbook breakdown:

· Distribu on of Traffic: A load balancer sits between the applica on and users, distribu ng
incoming requests across mul ple servers. This ensures that no single server bears the en re load.
· Types of Load Balancers: Choose between hardware and so ware load balancers or leverage
cloud-na ve load balancing solu ons. Common algorithms for distribu ng traffic include Round
Robin, Least Connec ons, and IP Hash.

· Session Persistence: For applica ons that require stateful sessions, configure the load balancer
for session persistence to direct subsequent requests from the same user to the same server.

· Health Checks: Load balancers regularly perform health checks on servers to ensure they are
responsive. Unhealthy servers are temporarily taken out of rota on to prevent serving faulty
requests.
· Scalability and Redundancy: Load balancers contribute to both scalability and redundancy. They
enable seamless integra on of new servers, allowing for easy horizontal scaling, and provide
failover support by redirec ng traffic away from failed servers.
· Global Load Balancing: For applica ons with a global user base, consider global load balancing
solu ons that distribute traffic across mul ple data centers or regions.

392
 Application Developer-Web & Mobile

15.1.17 Deploy Back-End Systems

· Deploying back-end systems on cloud pla orms offers scalability, flexibility, and accessibility.
Below is a step-by-step demonstra on of deploying a back-end system on popular cloud pla orms
like AWS and Azure:
· AWS (Amazon Web Services):
· Create an AWS Account: Sign up for an AWS account and access the AWS Management Console.

· Navigate to AWS Elas c Beanstalk: Select Elas c Beanstalk, AWS's fully managed service for
deploying applica ons.
· Create an Applica on: Create a new applica on within Elas c Beanstalk. Specify the run me
environment, such as Node.js, Java, or Python.

· Upload Applica on Code: Upload your back-end applica on code as a zip file or connect to a
version control system like GitHub.
· Configure Environment Se ngs: Define environment se ngs, including instance type, database
connec on details, and any environment variables needed by your applica on.

· Review and Launch: Review the configura on and launch the environment. AWS Elas c Beanstalk
will automa cally provision the necessary resources.

· Access Applica on URL: Once deployed, access your back-end applica on using the provided URL.
AWS takes care of load balancing, auto-scaling, and infrastructure management.
· Azure (Microso Azure):
· Create an Azure Account: Sign up for an Azure account and access the Azure Portal.

· Navigate to Azure App Service: Choose Azure App Service, a pla orm for building, deploying, and
scaling web apps.
· Create a Web App: Create a new web app within Azure App Service. Specify the run me stack,
such as .NET, Java, or Node.js.

· Configure Deployment Op ons: Connect your back-end applica on to a source code repository
like Azure DevOps or GitHub. Configure deployment op ons for con nuous integra on.
· 5.Set Applica on Se ngs: Define applica on se ngs, connec on strings, and environment
variables required by your back-end system.Review and Deploy: Review the configura on and
deploy your back-end system. Azure App Service handles scaling, load balancing, and deployment
management.

· Access Applica on URL: Once deployed, access your back-end applica on through the provided
URL. Azure App Service ensures seamless deployment and management.
· Common Best Prac ces:
· Use Cloud Databases: Leverage cloud-na ve databases like AWS RDS or Azure SQL Database to
store and manage your applica on data.

393
Par cipant Handbook

· mplement Security Measures: U lize cloud security features such as iden ty management, access
control, and encryp on to secure your back-end systems.

· Monitor and Scale as Needed: Implement cloud monitoring tools to track performance. Use auto-
scaling features to dynamically adjust resources based on demand.
· Backup and Recovery: Set up automated backups and implement recovery strategies to ensure
data resilience in case of failures.

15.1.18 Managing Security Configurations of Back-

End Applications
Securing back-end applica ons is a cri cal aspect of maintaining the integrity and confiden ality of data.
This guide outlines fundamental prac ces for managing security configura ons to mi gate poten al
threats and unauthorized access.

· Authen ca on and Authoriza on: Robust authen ca on methods, including mul -factor
authen ca on, should be implemented to verify user iden es. Authoriza on policies must be
clearly defined to regulate access permissions.

· Secure Communica on: Employ secure communica on protocols, specifically HTTPS, to encrypt
data during transit, reducing the risk of eavesdropping and man-in-the-middle a acks.
· Input Valida on: Implement stringent input valida on procedures to thwart common
vulnerabili es like SQL injec on and cross-site scrip ng, safeguarding against injec on a acks.

· Secure Storage of Creden als: Sensi ve informa on, such as database creden als, should be
securely stored. U lize recommended mechanisms provided by the opera ng system or cloud
pla orm for creden al storage.

· Regular Security Audits: Conduct periodic security audits to iden fy and rec fy vulnerabili es.
Code reviews and automated security scanning tools can enhance the overall security posture.
· Role-Based Access Control (RBAC): Implement RBAC to assign specific roles and permissions to
users based on their responsibili es. Regular reviews should be conducted to ensure access levels
align with current requirements.

· Security Headers: Enhance browser security by incorpora ng security headers in HTTP responses.
Headers like Content Security Policy (CSP) and Strict-Transport-Security (HSTS) offer protec on
against diverse a ack vectors.

· Security Patching: Maintain up-to-date so ware dependencies, including frameworks and

libraries, by promptly applying the latest security patches. Regularly monitor for updates to
ensure a secure environment.

· Encrypt Data at Rest: U lize encryp on mechanisms to safeguard data stored on disk or in
databases. Many databases and cloud storage solu ons provide built-in encryp on features.
· Logging and Monitoring:

394
 Application Developer-Web & Mobile

· Implement extensive logging to capture security-relevant events. Regularly scru nize logs for
anomalies and integrate monitoring tools to detect and respond to suspicious ac vi es.

· Secure APIs: - If APIs are exposed, ensure their security by implemen ng robust authen ca on,
authoriza on, and request valida on mechanisms. Safely manage tokens and API keys.
· Firewalls and Network Security: - Configure firewalls to restrict access to necessary ports and IP
addresses. Network security measures should be implemented to prevent unauthorized access to
back-end infrastructure.
· Security Configura ons in Cloud Services: - Take advantage of security features provided by cloud
service providers, such as Virtual Private Clouds (VPCs), network security groups, and Iden ty and
Access Management (IAM) policies.

· Incident Response Plan: - Develop a comprehensive incident response plan detailing steps to be
taken during security incidents. This plan should encompass communica on procedures,
inves ga on steps, and recovery strategies.

· User Educa on and Training: Promote awareness among users and developers regarding security
best prac ces. Training should cover social engineering threats and emphasize the importance of
strong passwords.

· Compliance Standards: - Ensure adherence to applicable compliance standards, such as GDPR,

HIPAA, or PCI DSS, aligning with the specific data and industry requirements.

15.1.19 Encryption
Encryp on is a fundamental aspect of data security, safeguarding sensi ve informa on from
unauthorized access during transmission and storage. Here's a detailed guide on how to encrypt data in
transit and data at rest:

Encryp ng Data in Transit:

· Implement HTTPS for Web Applica ons: For web applica ons, enable HTTPS by obtaining an
SSL/TLS cer ficate. Configure your web server (e.g., Apache, Nginx) to use the cer ficate for
secure communica on.
· Use TLS/SSL Protocols: Ensure that your servers support the latest versions of Transport Layer
Security (TLS) or Secure Sockets Layer (SSL) protocols. Disable outdated versions to mi gate
known vulnerabili es.

· Apply Encryp on to Database Connec ons: If your applica on communicates with a database,
enable encryp on for database connec ons. Most modern database systems provide op ons for
encryp ng data in transit.

· U lize VPNs or Private Networks: Establish Virtual Private Networks (VPNs) or private networks
for secure communica on between different components of your infrastructure. This ensures
encrypted data transfer within the network.

395
Par cipant Handbook

· Secure File Transfers: When transferring files between systems or users, use secure file transfer
protocols like SFTP (Secure File Transfer Protocol) or SCP (Secure Copy). These protocols encrypt
data during transfer.
· Message-Level Encryp on: Implement message-level encryp on for communica on between
microservices or APIs. Use protocols like OAuth or JWT for secure authen ca on and encrypted
message payloads.
Encryp ng Data at Rest:
· Choose Encrypted Storage Solu ons: Opt for storage solu ons that support encryp on at rest.
Many cloud storage services (e.g., AWS S3, Azure Blob Storage) provide built-in op ons for
encryp ng data stored in the cloud.

· Database-Level Encryp on: Enable database-level encryp on for sensi ve data. Most modern
database management systems offer features like Transparent Data Encryp on (TDE) to encrypt
data at rest.

· Encrypt Local File Systems: If your applica on relies on local storage, implement full-disk
encryp on or encrypt specific directories. Opera ng systems o en provide tools or features to
enable disk-level encryp on.

· Secure Backup Encryp on: Ensure that backups of your data are also encrypted. Whether using
cloud-based backup services or tradi onal backup solu ons, enable encryp on to protect data
integrity.
· Use Hardware Security Modules (HSMs): Consider using Hardware Security Modules for key
management. HSMs provide secure storage and management of cryptographic keys, enhancing
the overall security of encryp on implementa ons.
· Container Encryp on: If your applica on is containerized, ensure that container images and their
associated volumes are encrypted. Container orchestra on pla orms o en offer features for
securing data at rest.
· File-Level Encryp on: For specific files containing sensi ve informa on, implement file-level
encryp on. This can be achieved using encryp on libraries or tools that encrypt individual files
before storage.

· Regularly Rotate Encryp on Keys: Establish a key management policy and regularly rotate
encryp on keys. This prac ce enhances security by limi ng the exposure me even if a key is
compromised.

· Compliance with Regula ons: Ensure that your encryp on prac ces align with industry-specific
regula ons (e.g., GDPR, HIPAA) that mandate certain encryp on standards for protec ng
sensi ve data.

· Document and Train: - Document your encryp on procedures, including key management
prac ces. Train your team on encryp on best prac ces and regularly update documenta on to
reflect any changes.

396
 Application Developer-Web & Mobile

15.1.20 Identity and Access Management (IAM)

Iden ty and Access Management (IAM) is a comprehensive framework that governs the management of
user iden es and their access to resources within an organiza on's IT infrastructure. The primary goal of
IAM is to ensure that the right individuals have the appropriate level of access to the right resources at the
right me. IAM encompasses various policies, processes, and technologies to facilitate secure and
efficient access control.

Fig. 15.1.3 Micro-service Architecture

Features of IAM:

· Authen ca on: IAM provides robust authen ca on mechanisms to verify the iden ty of users
a emp ng to access resources. This includes mul -factor authen ca on, ensuring an addi onal
layer of security beyond tradi onal username and password.

· Authoriza on: Authoriza on in IAM defines what ac ons users are allowed to perform and what
resources they can access. This includes specifying permissions, roles, and policies to control
access at a granular level.

· User Lifecycle Management: IAM systems manage the en re lifecycle of user accounts, from
crea on to deac va on. This includes provisioning, de-provisioning, and managing access as
users' roles or responsibili es change.
· Single Sign-On (SSO): IAM o en incorporates Single Sign-On capabili es, allowing users to
authen cate once and gain access to mul ple systems or applica ons without the need to re-
enter creden als.

397
Par cipant Handbook

· Role-Based Access Control (RBAC): RBAC is a key feature where access permissions are assigned
based on the user's role within the organiza on. This simplifies access management by associa ng
permissions with predefined roles.

· Audit and Monitoring: IAM systems offer comprehensive audit and monitoring features, enabling
organiza ons to track user ac vi es, detect anomalies, and generate reports for compliance and
security purposes.
· Iden ty Federa on: IAM facilitates iden ty federa on, allowing users to access resources across
different systems or even external organiza ons using their exis ng creden als. This promotes
seamless and secure collabora on.
· Policy Management: IAM systems allow the crea on and enforcement of access policies. These
policies define rules for user access based on factors such as loca on, device, and me, enhancing
security and compliance.
· Self-Service Portals: Many IAM systems provide self-service portals, empowering users to
manage their own iden es, reset passwords, or request access permissions within defined
limits.

· Scalability and Integra on: IAM solu ons are designed to scale with the organiza on's growth.
They o en integrate with other enterprise systems, such as Human Resources (HR) or Ac ve
Directory, to synchronize iden ty data.

Components of IAM:
· Iden ty Store: The repository where user iden es and associated a ributes are stored, o en
integrated with directories like Ac ve Directory or LDAP.

· Access Management: The core func onality that governs access to resources based on
authen ca on, authoriza on, and policy enforcement.
· Iden ty Governance: Manages the en re iden ty lifecycle, including provisioning, de-
provisioning, and compliance management.

· Authen ca on Services: Implements authen ca on mechanisms such as password-based,

mul -factor, or biometric authen ca on.
· Authoriza on Services: Defines and enforces access policies, roles, and permissions for users.

· Audit and Repor ng: Monitors and logs user ac vi es, providing insights for audi ng, compliance,
and security analysis.

15.1.21 Test Back- End Functionality

· Tes ng the func onality of the back-end is a cri cal part of ensuring the overall reliability and
performance of a so ware applica on. Scripted tes ng provides an efficient and repeatable
method to validate the func onality of back-end services. Here's an examina on of how to test
back-end func onality using scripts:

398
 Application Developer-Web & Mobile

· Scrip ng Languages: Choose a scrip ng language that aligns with the technology stack of your
back-end. Common choices include Python, JavaScript (Node.js), Ruby, or Shell scrip ng. Ensure
the selected language has suitable libraries or frameworks for making HTTP requests and handling
responses.
· HTTP Request Libraries: U lize libraries or modules that facilitate making HTTP requests. For
example, in Python, the 'requests' library is widely used for sending HTTP requests to back-end
APIs.
· Test Automa on Frameworks: Leverage test automa on frameworks designed for back-end
tes ng. Frameworks like Postman, RestAssured (for Java), or Frisby.js (for Node.js) provide
features for crea ng and running API tests.
· Endpoint Valida on: Cra scripts to validate the correctness of back-end endpoints. Verify that the
expected data is returned, and the responses conform to the defined API specifica ons, such as
OpenAPI or Swagger documenta on.Parameterized Tes ng: Implement parameterized tes ng to
assess how the back-end handles different input scenarios. Vary parameters in your scripts to
cover a wide range of use cases and edge cases.
· Authen ca on Tes ng: Test the authen ca on mechanisms implemented in the back-end.
Ensure that the system correctly authorizes authen cated users and denies access to
unauthorized ones.
· Error Handling: Create scripts to assess how the back-end handles errors. Test scenarios where
incorrect input or unexpected situa ons occur, and verify that appropriate error messages and
status codes are returned.
· Performance Tes ng: Extend scripts to include performance tes ng. Use tools like Apache JMeter
or Gatling to simulate mul ple concurrent users, analyze response mes, and iden fy poten al
bo lenecks.
· Database Tes ng: Integrate database tes ng into your scripts to validate data integrity. Ensure
that data is correctly stored, updated, and retrieved from the back-end database.

· Integra on Tes ng: Script integra on tests to evaluate the interac on between various
components of the back-end, including third-party services, databases, and caching mechanisms.
· Con nuous Integra on (CI) Integra on: Integrate your back-end tests into the CI/CD pipeline. This
ensures that tests are automa cally executed whenever changes are made to the codebase,
providing rapid feedback to developers.

· Logging and Repor ng: Enhance scripts to include logging and repor ng features. Capture
relevant informa on during test execu on, such as success/failure status, response mes, and any
encountered issues.

· Security Tes ng: Incorporate security tes ng into your scripts to iden fy vulnerabili es. Test for
common security issues such as SQL injec on, cross-site scrip ng (XSS), and data exposure.
· Mocking and Stubbing: Use tools for mocking and stubbing to isolate components during tes ng.
This allows you to simulate the behavior of external services or dependencies.

399
Par cipant Handbook

· Data Setup and Teardown: Implement scripts to set up and tear down test data. Ensure that each
test starts with a clean state and leaves the system in a consistent state a er execu on.

· Versioning and Compa bility: Include tests for versioning and compa bility to ensure that
changes to the back-end do not break exis ng func onality or APIs.

400
 Application Developer-Web & Mobile

Exercise
A. Answer the following ques ons.
1. What is back-end engineering, and how can you differen ate between front-end and back-end
responsibili es?
2. What are stubs, and how are they developed for upstream and downstream processes?

3. List different types of back-end applica on dependencies

4. How do you create reusable RESTful and secure APIs in the back-end?

5. Define message queues.

B. Write full form:

1. TDE

2. IAM
3. DBMS

4. API

5. “REST”ful

401
Par cipant Handbook

Notes

QR Code
Scan the QR Code to watch the related videos

h ps://youtu.be/uGkC9aoLLp8
Backend App Development Explained

402
 Application Developer-Web & Mobile

403
Par cipant Handbook

9. Annexure
Annexure I - QR Codes –Video Links

2
 Application Developer-Web & Mobile

Annexure I
Annexure I - QR Codes –Video Links

Chapter Unit Name Topic Name URL Page QR Code

Name No

Chapter 1: Unit 1.1 – About IT-ITeS h ps://youtu.be/c 15

IT-ITeS/BPM Understanding Sector OtKswmP2NY
Industry – the IT-ITeS
An Sector
Introduc o
n (Bridge
Module)

Chapter 2: Unit 2.1 – Overview of

h ps://youtu.be/d
Future Skills Overview of the Future Skills 43
XpsS3V7HXg
– An Future Skills And Cyber
Introduc o Sub-Sector Security
n (Bridge
Module)

Chapter 3: Unit 3.1 – Introduc on h ps://youtu.be/N

Web Fundamentals of to Web GAIdmMaHcQ 59
Technology Web Technology Technologies
– An
Introduc o
n (Bridge
Module)

Chapter 4: Unit 4.1 – Mobile h ps://youtu.be/C

Mobile Understanding Technologies 75
7URTDR5HJY
Developme Mobile
nt – An Technology
Introduc o
n (Bridge
Module)

Chapter 5: Unit 5.1 – Data Compliance,

h ps://youtu.be/Z
Global Management Data xinjLD4z4A
91
Standards Standards and Governance
and Compliance & Protec on
Regula ons for SaaS
(Bridge Solu ons
Module)

405
Par cipant Handbook

Chapter 6: Unit 6.1 – Web h ps://youtu.be/q 116

Development Applica on Development Ew8qlRX05A
Tools and Development Tools I Use to
Usage Tools and Increase
(Bridge Prac ces Produc vity
Module)

Chapter 7: Unit 7.1 – Con nuous h ps://youtu.be/Q

Con nuous Founda ons of Deployment 134
uCekFcb6m4
Integra on, Con nuous vs
Delivery and Integra on, Con nuous
Deployment Delivery, and Delivery
(SSC/N8417) Deployment

Unit 7.2 – CI/CD

h ps://youtu.be/5 154
Advanced Pipeline 7dkyTmOCmE
CI/CD Prac ces
and
Automa on
Tools

Chapter 8: Unit 8.1 – So ware h ps://youtu.be/6r

Test Tes ng Tes ng 177
NgPXz9A9s
Engineering Fundamentals Techniques
(SSC/N8125) and
Methodologies

Chapter 9: Unit 9.1 – Bugs Bug Fix | h ps://youtu.be/1J

Bugs Fixing Fixing and How to fix a 220
HmBkjbJo0
and Performance bug
Performance Improvement
Improvement
(SSC/N8418)

406
 Application Developer-Web & Mobile

Chapter 10: Unit 10.1 – Applica on h ps://youtu.be/A 244

Applica on Applica on Performance xlv27dXVBw
Performance Performance Monitoring
Monitoring Monitoring
(SSC/N8323)

Chapter 13: Unit 13.1 – Frontend h ps://youtu.be/W

317
Front-end Front-end Web web G5ikvJ2TKA
Web Development development
Development (SSC/N8414)
(SSC/N8414)
(Elec ve – 1)

Chapter 14: Unit 14.1 – How to Learn h ps://youtu.be/A 331

Mobile Mobile Mobile App snVb0aS4cE
Applica on Solu on Development
Development Planning and
(SSC/N8415) Development
(Elec ve – 1)

Unit 14.2 – Deployment h ps://youtu.be/s 366

Mobile of Mobile RjuAb2UZg8
Applica on Applica ons
Development
and
Deployment

Chapter 15: Unit 15.1 – Backend App h ps://youtu.be/u 402

Back-end Back-end Development GkC9aoLLp8
Engineering Engineering Explained
(SSC/N8416)
(Elec ve - 3)

407
Par cipant Handbook

Notes

408
 Application Developer-Web & Mobile

409
IT – ITeS Sector Skill Council NASSCOM
Sector Skill Council Contact Details:
Address: Plot No. – 7, 8, 9 & 10 Sector – 126, Noida, Uttar Pradesh – 201303
New Delhi – 110049
Website: www.sscnasscom.com
Phone: 0120 4990111 – 0120 4990172