Introducing the ABAP Test Cockpit: A New Level of ABAP Quality Assurance
The ABAP Test Cockpit (ATC) is SAP’s new framework for Quality Assurance. It performs static and unit tests for custom ABAP programs and introduces Quality-Gates (Q-Gates) for transport requests.
ATC was unveiled at last year’s SAP TechEd. The entire session including a live demo can be viewed below. Following a successful pilot, it was released for NetWeaver 7.0 SP12 and NetWeaver AS ABAP 7.03 SP05 in September and October 2012, respectively. General guidelines for configuring and running ATC are available at the SAP Community Network for both developers and quality managers.
ATC integrates directly with the ABAP Workbench and is accessible through SE80, SE24, SE38, SE11 and other Workbench tools. The existing iteration of the tool focuses almost exclusively on performance checks for exceptions such as runtime errors. However, SAP has revealed plans to deliver a new Security Scan Solution (SLIN_SEC) as an add-on for the Extended Program Check (SLIN) in ATC. This will enable security vulnerability checks for custom code. The introduction of the Security Scan Solution should improve the general security of ABAP programs and lower the risk of code-level vulnerabilities in ABAP systems including insufficient authority checks and code injections arising from uncontrolled input. You can learn more about the solution at session SIS261 scheduled on October 24 during this year’s SAP TechEd.
The alternative to the SAP Security Scan Solution is Virtual Forge CodeProfiler. CodeProfiler also integrates with ATC and performs a patented static code analysis for any type of ABAP program. CodeProfiler provides comprehensive performance and quality testing and is SAP-certified for integration with SAP NetWeaver.