2.3 Producing robust programs Flashcards
(16 cards)
What are the two types of defensive design considerations?
Anticipating misuse
Authentication
What is input validation?
Checking data input by the user meets specific criteria/rules before processing.
What are the 6 types of input validation?
- Type check: The input is in the correct data type eg. integer, real, string
- range check: the input is in the correct range eg. between 1 and 2 (inclusive)
- Presence check: some data has been entered eg. reject blank inputs
- format check: the data is in the correct format eg. dd/mm/yyyy
- Length check: the data has the correct (or min/max) number of characters eg. password, or telephone
- Lookup table: a table of acceptable entries, also called a list
By using input validation techniques, what can a programmer ensure?
That their program is:
- more robust
- more user friendly
- prevent further errors occurring later in the algorithm
What is anticipating misuse and what are the 4 different ways of anticipating misuse?
Anticipating misuse is planning ahead to take steps against potential misuse (eg. the app twitter/X prevents the same tweet sent twice in a row as it might be a spam).
- Division by zero
In mathematics, there is no number that when multiplied by 0 returns a non-0 number. Therefore the ALU cannot compute a division by 0. A programmer should always check that a variable is not 0 before attempting a division. - Communication error
Online systems require connections to host servers. If this connection is dropped, unable to be established or the server is overloaded, it could potentially cause a program to crash or hang when loading/saving data. A programmer should enable ways for the user to cancel requests or fail gracefully, reporting the connection error. The program may be able to automatically resume when the connection is available again. - Printer and other peripheral errors
If a program outputs a hardcopy, the printer may run out of ink, paper, or have a jam. The program should not assume that an output to a printer was successful and always have options to reprint reports or receipts. - Disk errors
Programs that read and write to files need to handle many types of exceptions, incl. file/folder not being found, disk out of space, data in file being corrupt, end of file reached. Robust programs will handle all these situations by checking files and data before attempting to use them for further processing.
What is authentication and why should it be used for defensive design?
Data used by systems should be secure.
This can be achieved with: usernames and passwords to access systems; recovering a password requiring a click on a link within the email that is sent to the registered address; encryption of data files.
Online bots can submit data automatically to online forms.
This can be protected against using software like reCAPTCHA that verifies the user is human.
Programmers should also be aware of the potential for SQL injection hacks and other methods used by hackers.
What are the different types of maintainability?
Use of sub programs
Naming conventions
Indentation
Commenting
Why is maintanability important?
Programs should be written in a way that makes maintaining and understanding them as straightforward as possible.
Say what the different types of maintainability help do.
Use of sub programs:
Using subprograms to reuse code and makes them easier to test. Called modularisation.
Subrpograms/functions also help structure the code, and eliminate duplication of the code
Naming conventions:
Appropriate variable names, using a naming convention, ensure the purpose of a variable is immediately understood.
Use descriptive variable names and explain their purpose with a comment when declared.
Indentation:
Using indentation to improve readability and clearly show each “block” of code
Use indentation for every selection and iteration branch
Comments
Comments enable a programmer to understand the purpose of each line of code. Crucial when working with a team.
Use comments to: explain the purpose of the program; explain sections of code, typically selections, iterations and procedures; explain unusual approaches that were necessary; visually divide sections of a program
Use constants decleared at the top of the program. Using constants is another method of improving maintainability. This keeps the program consistent, which makes it easier to read and debug the program.
What is the purpose of testing?
The main purpose of testing is to ensure that a program works correctly no matter what input has been entered by the user.
Other reasons include ensuring the user requirements have been met, errors have been removed and the program doesn’t crush while running.
- ensure that there are no errors (bugs) in the code
- check that the performance has an acceptable performance and usability
- to ensure unauthorised access is prevented
- to check the program meets the requirements
What are the two different types of testing?
Iterative testing:
each new module is tested as it is written
Program branches are checked for functionality
Checking new moduels do not introduce errors within the existing code
tests to ensure the program handles erroneous data and exceptional situations
Takes place during program development. Each new module is tests and the process is repeated unti lthe module works as expected.
Final testing:
Testing that all modules work together (Integration testing)
testing the program produces the required results with boundary, normal, invalid and erroneous data
checking the program meets the requirements with the real data
a beta test may find more errors
Take splace after development and before the program is released to the end user.
This takes place once all the modules have been individually tested to ensure the whole program works as initially expected.
What is the difference between iterative and final testing
iterative - during program development
final - after program is finished
What are the two different types of programming errors?
Syntax errors: Syntax errors are errors which break the grammatical rules of the
programming language and stop it from being run/translated
Logical errors: a mistake made by the programmer - Logic errors are errors which produce unexpected output, even though the program will run without crashing
What is test data?
Test data is used to test whether a program is functioning correctly.
It should cover a range of possible and and incorrect inputs, each designed to prove a program works or to highlight any flaws.
What are the 4 types of test data
Normal: Normal data is data which should be accepted by a program without causing errors
Boundary: Boundary test data as data of the correct type which is on the
very edge of being valid (eg. in a list of 1-10, testing 1 and 10, where 1 and 10 are correct)
Invalid data: Invalid test data as data of the correct data type which should be rejected by a computer system (eg a list of 1-10, testing 12 and 12 is incorrect)
Erroneous: Erroneous test data as data of the incorrect data type which should be rejected by a computer system (eg. in a list of 1-10, “hello” would be erroneous as not an integer)
