Defensive Code Design

Learning Objectives

To be able to:

 

  • explain what it means to code a robust program
  • Give different methods for coding a robust program 
  • Code your own program allowing for a variety of different user inputs. 

What does defensive design mean?

Defensive design means to ensure that a program runs correctly and continues to run no matter what actions a user takes. You can do this by planning for all possibilities and thinking about what a user may do that the program does not expect. 

 

This is done via 3 methods:

  1. Protection against unexpected user inputs or actions
  2. Maintainability
  3. Minimising/removing bugs

The anticipation and protection of code

  • Validation

 

  • Sanitisation

 

  • Authentication

 

  • Maintenance

 

  • Testing

Validation

Using validation helps a programmer to ensure that any data input into the program is both sensible and possible

 

To validate data means to apply rules to it and if the data does not meet the criteria given, then the data is rejected. 

These rules can include: 

  • Range check
  • Length check
  • Presence check
  • Format check
  • Type check

Range check

number = 7

if number in range(0,10):

print ("True")

Length check 

number = 719

if Len(number) <= 5:

print ("True")

Presence check

number = 53

if number != "":

print ("True")

Format check

number = int(input())

 

Type check

number = 97

if type(number) is int:

print ("True")

Sanitisation

Data sanitisation is used to hide or protect data to ensure that it can't be seen or disclosed. 

 

The first method is masking, replacing visible data with something else, for example when a user enters a password it is covered with asterisks. 

 

The other method is to remove any inputs that may be potentially dangerous. For example a hacker may try to use SQL injection to search through the linked database for information. So a programmer would remove SQL commands from an input. 

Authentication

Authentication is the process of having a user confirm that they are who they say they are, most commonly by inputting a username and password. 

 

Different authentication is broken down into 3 main factors: 

  1. Something you are - a username or bank account number
  2. Something you know - a password, pin, or secret answer to a question
  3. Something you have - a swipe card or biometrics. 

Maintainability

Someone may choose to go back to a program they wrote a while ago or ask someone else to modify their code to debug or improve it. 

 

To do this the programmer would need to know how the program works and the purpose of the code. 

 

This can include adding in comments, sensible variable names, or indentation

Testing

When first written, a program is likely to contain many bugs. Such as syntax or logic errors

Testing is used to find these errors and debug them. 

 

You can debug your program in 2 different ways, iterative testing or terminal testing

 

Iterative testing means to test your code as you are programming it, to check for any syntax errors and fix them as you are going along. 

 

Whereas, terminal testing means to wait until you have finished your program and then test it as a whole to check that it functions as it should.