Defensive programming is the practice of anticipating where failures can occur and then creating an infrastructure that tests for errors, notifies you when anticipated failures occur, and performs damage-control actions you have specified – such as stopping program execution, redirecting users to a backup server, enabling debugging information you can use to diagnose the problem, and so on. These defensive programming infrastructures are typically built by adding assertions to the code, implementing Design by Contract, developing software defensive firewalls, or simply adding code that validates user inputs.
By applying defensive programming techniques, you can detect problems that might otherwise go unnoticed, prevent minor problems from growing into disasters, and save yourself a lot of debugging and maintenance time in the long run. For instance, say that you have a Web-based stock trading system and you have built into it an infrastructure that constantly checks the application's connection to the stock market. When this infrastructure detects a lost connection, it alters program execution so that users are brought to a page that explains the problem and directs them to the telephone trading system. The problem is detected immediately, and the damage-control action ensures that your customers have an alternative way to perform their desired actions.
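The following is an added example, not code from the original article, that puts the pieces described above into one small Python program: input validation of an order, Design by Contract style preconditions and postconditions, and a health check on the market link whose damage-control action is the redirect to telephone trading. The class and route names (`MarketGateway`, `TradingApp`, `/telephone-trading`) and the simulated connection flag are constructed for illustration.

```python
# Added example (not from the original article): a small defensive-programming
# harness combining input validation, contract checks, and a health check with
# a specified damage-control action. MarketGateway, TradingApp and the
# telephone-trading route are constructed names for illustration.
import re
from dataclasses import dataclass, field
from typing import List

SYMBOL_RE = re.compile(r"^[A-Z]{1,5}$")
MAX_ORDER_QTY = 10_000


class ContractError(Exception):
    """A pre- or postcondition was violated: a programming error, not a user error."""


def require(condition: bool, message: str) -> None:
    """Precondition: the caller's obligation (Design by Contract)."""
    if not condition:
        raise ContractError("precondition failed: " + message)


def ensure(condition: bool, message: str) -> None:
    """Postcondition: the callee's obligation (Design by Contract)."""
    if not condition:
        raise ContractError("postcondition failed: " + message)


@dataclass
class MarketGateway:
    """Stand-in for the link to the stock market; `connected` is simulated."""
    connected: bool = True
    orders_sent: int = 0

    def is_alive(self) -> bool:
        return self.connected

    def send(self, symbol: str, qty: int) -> str:
        # Contract: must never be called while the link is down.
        require(self.connected, "gateway must be connected before send()")
        self.orders_sent += 1
        return f"ORD-{self.orders_sent}"


@dataclass
class TradingApp:
    gateway: MarketGateway
    events: List[str] = field(default_factory=list)  # the "notify you" channel

    def validate_order(self, symbol: str, qty: object) -> int:
        """Input validation: reject anything that is not a well-formed order
        and return the quantity as an int once it is known to be sane."""
        if not isinstance(symbol, str) or not SYMBOL_RE.match(symbol):
            raise ValueError("symbol must be 1-5 uppercase letters")
        # bool is a subclass of int, so exclude it explicitly.
        if isinstance(qty, bool) or not isinstance(qty, int):
            raise ValueError("quantity must be an integer")
        if not 0 < qty <= MAX_ORDER_QTY:
            raise ValueError(f"quantity must be between 1 and {MAX_ORDER_QTY}")
        return qty

    def submit_order(self, symbol: str, qty: object) -> str:
        """Return 'confirmed:<id>' or, when the market link is lost, the
        damage-control action 'redirect:/telephone-trading'."""
        qty = self.validate_order(symbol, qty)
        # Health check before the risky step so the failure is caught immediately.
        if not self.gateway.is_alive():
            self.events.append(f"market link down; redirected order {symbol}x{qty}")
            return "redirect:/telephone-trading"
        order_id = self.gateway.send(symbol, qty)
        ensure(order_id.startswith("ORD-"), "gateway returned a malformed id")
        self.events.append(f"order {order_id} confirmed for {symbol}x{qty}")
        return f"confirmed:{order_id}"


if __name__ == "__main__":
    app = TradingApp(MarketGateway())
    print(app.submit_order("ACME", 100))   # confirmed:ORD-1
    app.gateway.connected = False
    print(app.submit_order("ACME", 5))     # redirect:/telephone-trading
    print(app.events)
```

The split between `ValueError` (bad input from outside, handled as a normal error path) and `ContractError` (a violated assumption inside the program, which should surface loudly during testing) is the point: user input is validated and rejected, while contract failures indicate a bug that the infrastructure should make visible rather than mask.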