Reliable Programming

Software Quality

  • Talk draws heavily on textbook

  • Some quality attributes

    • Reliability
    • User Experience
    • Maintainability
  • Some more

    • Validity
    • Transparency
    • Size (smaller is better)
  • There are probably others

Reliability vs Security

  • Reliability: Resistance against mistakes and the unexpected

  • Security: Resistance against active attempts to exploit mistakes and create the unexpected

  • Security is much harder: will cover later

  • Secure programs tend to be reliable, but… may fail to avoid a security risk

Reliability vs Correctness

  • Reliability: Software will behave predictably

  • Correctness: Software will behave as specified and desired

  • Correctness is much harder

  • Correct programs are reliable

Three Techniques For More Reliable Software

  • "Fault avoidance"

  • Input validation

  • Failure Management

Fault Avoidance: Minimizing Complexity

  • Avoid premature optimization — do the simplest thing that "obviously" works

  • Use structured programming

    • Eliminate copy-paste code
    • Use generalized for loops
    • Use built-in data structures; use best datatypes
  • Use named values (but book example is sketchy)

Fault Avoidance: Structural Complexity

  • Functions should do exactly one thing
  • Functions should never have side effects
  • Avoid deep nesting
  • Every class should have a single responsibility
  • Minimize the depth of inheritance hierarchies
  • Avoid multiple inheritance
  • Avoid threads / parallelism unless absolutely necessary

Fault Avoidance: Data Complexity

  • Define interfaces for all abstractions
  • Define abstract data types
  • Avoid using floating point numbers (?)
  • Never use data aliases

Input Validation

  • Buffer / capacity overflows
  • Whitelist / blacklist
  • Regexes for strings
  • Check numeric ranges
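As an added illustration of the four checks above (not code from the talk or its textbook), the validator below applies a capacity limit before any regex runs, uses allowlists rather than denylists, matches strings against anchored regexes, and range-checks integers. The field names and limits are assumptions chosen for the example.

```python
import re
from typing import Any

# Assumed limits, constructed for this example (not taken from the slides)
MAX_NAME_LEN = 32
MAX_TAGS = 8
MAX_TAG_LEN = 16
NAME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_]{0,31}$")   # allowlist of accepted shapes
TAG_RE = re.compile(r"^[a-z0-9-]{1,16}$")
ALLOWED_ROLES = frozenset({"viewer", "editor", "admin"})  # allowlist, not a denylist
MIN_AGE, MAX_AGE = 0, 150


def validate_record(rec: dict[str, Any]) -> list[str]:
    """Return all validation errors; an empty list means the record is accepted.
    Cheap checks (type, length) run before regexes, and anything not explicitly allowed is rejected."""
    errors: list[str] = []

    name = rec.get("username")
    if not isinstance(name, str):
        errors.append("username: must be a string")
    elif len(name) > MAX_NAME_LEN:          # capacity check first: bounds the regex input
        errors.append(f"username: longer than {MAX_NAME_LEN} characters")
    elif not NAME_RE.fullmatch(name):
        errors.append("username: must be a letter followed by letters, digits or '_'")

    age = rec.get("age")
    # bool is a subclass of int in Python, so it must be excluded explicitly
    if not isinstance(age, int) or isinstance(age, bool):
        errors.append("age: must be an integer")
    elif not MIN_AGE <= age <= MAX_AGE:
        errors.append(f"age: must be between {MIN_AGE} and {MAX_AGE}")

    role = rec.get("role")
    if role not in ALLOWED_ROLES:
        errors.append("role: not in the allowed set")

    tags = rec.get("tags", [])
    if not isinstance(tags, list):
        errors.append("tags: must be a list")
    elif len(tags) > MAX_TAGS:              # capacity check before inspecting entries
        errors.append(f"tags: more than {MAX_TAGS} entries")
    else:
        for i, tag in enumerate(tags):
            if not isinstance(tag, str) or not TAG_RE.fullmatch(tag):
                errors.append(f"tags[{i}]: must be 1-{MAX_TAG_LEN} lowercase letters, digits or '-'")

    return errors
```

Collecting every error rather than stopping at the first lets the caller reject the record once and report all problems to the user.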

Failure Management

  • Program crashes: Need to prevent where needed, otherwise mitigate their effects

  • Data corruption: Need to catch early, losing data often better than keeping corrupt data

  • Timing failures: Real-time is hard; avoid managing timing if possible, and expect hard QA otherwise

Last modified: Monday, 2 November 2020, 12:27 AM