What Can Star Wars Teach Us About Software Testing?
By Chris Sherlock, Head of the Testing Capability at Nimble Approach.
How many times have you sat watching one of your favourite films and thought “well clearly no-one has thought about testing this!” Or is that just me?
Hollywood is full of lessons in what not to do in software testing.
I find your lack of testing disturbing
I recently hosted a panel for a group of our Test Engineers at Nimble Approach, where we took a look at some clips from across the Star Wars films and put on our testing hats – thinking about what had gone wrong in the clip and what sort of testing could have been undertaken that potentially would have mitigated those issues.
Spoilers ahead, if you’ve somehow yet to see Star Wars 1 to 6!
You’ve turned off your Regression Tests
Shift-Left approach
We first took a look at possibly one of the most famous scenes in the whole franchise: When the Death Star explodes from the Rebel attack. It’s a tale as old as time, you leave a small 3m vent in your giant space fortress and someone shoots a missile down it, causing the whole thing to blow up.
A few of our Testers were quick to point out security testing – how had they left such a gap in their designs? Another pointed out that (according to Rogue One), the architect had left the vent vulnerability on purpose. Maybe the Imperial army could have benefitted from a Shift-Left approach, ensuring these kinds of edge cases were caught early, before your Death Star is built?
Another point was raised – Yes the vent existed, but there were turrets protecting the approach, they had considered security! But, had they gone for the right solution, or would they have benefitted more from just sticking a vent cover on? Maybe that’s one for our User-Centred Design team…
Now THIS is performance testing!
Observability and Monitoring
We next looked at a scene from Episode 1 – The pod race. There was plenty up for discussion here, from the pods themselves, to the course and the attendees.
Starting with the pods themselves, it was pointed out that they’re not exactly user-friendly machines. When one of the racers stalls at the beginning, he’s frustrated trying to get it running again and actually ends up blowing up the pod racer.
Not exactly the result he was going for. Others also pointed out that, with Anakin’s pod being sabotaged, there was no good alerting or monitoring to tell him where the problem was.
Maybe that’s something he could talk to his DevOps Engineers about?
Finally, another racer comes in for a pit stop, and the pit droid ends up getting sucked into an engine and busting it – could there have been some signage put in to avoid that? Maybe some documentation for the droid to explain not to get close?
Next, to the race itself. For one thing, the security was sorely lacking. We saw some Tusken Raiders who had set up along the course and were shooting at the passing racers – quite a critical security vulnerability. Aside from that, the course itself was challenging, but still could have had some improvements – like signposting directions, or checking for large stalactites in the caves which racers could hit into.
The Empire Strikes Back… But it’s not fit for purpose
Security and Performance Testing
Our third clip was the battle on Hoth from The Empire Strikes Back. We focused primarily on the AT-ATs, which a few people were fairly critical about. For starters, the fact they could be easily taken out by wrapping up their legs, someone clearly hadn’t tested for that edge case.
We also saw that a Rebel pilot was easily able to get inside one and blow it up from the inside. That’s definitely some Broken Access Control in action there. One of our more Star Wars aficionados explained to us that originally, AT-ATs were designed as cargo ships and converted to combat machines by adding guns. This led us to a good discussion on buying Commercial Off-The-Shelf (COTS) vs bespoke – those AT-ATs weren’t exactly fit for purpose.
Your tests can deceive you, don’t trust them…?
Our final clip of the session was from A New Hope, where Luke begins his training with a lightsabre by defending against the little blaster droid on board the Millennium Falcon. Our biggest discussion point, by far, was how it translated to testing in a non live-like setting, or as Han puts it: “Good against remotes is one thing, good against the living? That’s something else”. If we don’t test against something as close to production as possible, our testing doesn’t really do much for giving confidence in our delivery and performance.
I felt a great disturbance in the CI Pipeline
It turns out, if only the Imperial Army had had solid testers working on their systems, they could have avoided a lot of issues – their security was weak, performance wasn’t great, and they had several issues that had they been caught earlier would have saved them lots of time and money (I can’t imagine it’s cheap to build a Death Star!)
But coming back to Earth, this was a really valuable session for our Testers. Engagement in the discussion was really high, and everyone could input their thoughts well. We had a great time, with plenty of laughs, but plenty of serious discussions on good testing practices. A few attendees even told me afterwards that it actually helped them put into perspective how to approach some of the testing topics on their clients, which is a huge win for me personally.
If you’ve not tried out a session like this before, I’d highly recommend it. Sure, it’s a good sell to folks to watch some classic movie clips, but the discussion that comes off the back of it can be absolutely priceless.
And for us, next time maybe we’ll look at Jurassic Park. I’m sure there’s plenty to sink our teeth into there, right?
Embedded Testing From the Start
At Nimble Approach, we believe testing should be embedded from the start, ensuring robust, secure, and high-performing software. Our Testing Capability helps teams improve test coverage, shift left, and embed quality at every stage of delivery. If you’d like to learn more about how we can support your testing needs, get in touch!
Author Bio
Chris is the Head of the Testing Capability at Nimble Approach, with over ten years of experience in testing across a range of sectors including digital security, public sector, payments and accountancy. He is passionate about upskilling test engineers and promoting the value of testing on delivery projects.
