Availability Guide for Application Design—525637-004
Minimizing Programming Errors
A corrupted counter can cause a program to behave unpredictably. You can
minimize damage, however, by checking the values of counters. You might do this
after each increment, or you might do it periodically and check that, for example, a
counter that starts at zero and increments by 7 is always a multiple of 7.
• Check all options when selecting from a choice of possibilities, and then provide a default option.
Your design might make a decision based on the value of some variable and assume that the possible values for that variable are, for example, 2, 3, and 4. Code that has established that the value is neither 2 nor 3 should not assume that it is 4. It should check for 4 explicitly and raise some form of alert if the value is none of 2, 3, or 4. For example, you might have a separate check for every known error value that a verb, function, or procedure can return, and then specify a default action for unknown error values. These choices are often implemented with a multiway branch such as the switch statement in C or the CASE statement in TAL. The default branch of such a statement should handle only unexpected values; it should never double as the handler for the last known value.
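An added example, not code from the Availability Guide, of both checks described above: a counter that must always remain a multiple of its step, and a multiway branch whose default branch exists only to catch unexpected values. It also shows why a C procedure that receives an enumerated value has to range-check it, since the enum is only an int. The names ROUTE_*, route_request, counter_step, detect_corrupted_counter and alerts_raised are assumptions chosen for illustration, and the corrupted value written into the counter is constructed for the demonstration.

```c
/* Added example (not from the Availability Guide): defensive checks for
 * a stepped counter and an exhaustive selector switch in C.  The names
 * ROUTE_*, route_request, counter_step, detect_corrupted_counter and
 * alerts_raised are assumptions chosen for illustration. */
#include <stdbool.h>
#include <stdio.h>

/* In C an enumerated type is only an int, so a caller can pass any
 * value at all; the callee must treat the enum as untrusted input. */
typedef enum { ROUTE_PRIMARY = 2, ROUTE_BACKUP = 3, ROUTE_ARCHIVE = 4 } route_t;

int alerts_raised = 0;   /* how many "unexpected value" alerts were raised */

/* Every known value gets its own case.  The default branch is reached
 * only by values the design never anticipated; it raises an alert and
 * fails closed rather than silently treating the value as ROUTE_ARCHIVE. */
int route_request(int selector)
{
    switch (selector) {
    case ROUTE_PRIMARY: return 100;
    case ROUTE_BACKUP:  return 200;
    case ROUTE_ARCHIVE: return 300;
    default:
        alerts_raised++;
        fprintf(stderr, "alert: unexpected selector %d\n", selector);
        return -1;
    }
}

/* A counter that starts at zero and is only ever advanced by COUNTER_STEP
 * must always be a non-negative multiple of COUNTER_STEP and must never
 * move backwards.  Anything else means its storage was corrupted. */
#define COUNTER_STEP 7

bool counter_is_consistent(long counter, long previous)
{
    if (counter < 0 || counter % COUNTER_STEP != 0)
        return false;
    return counter >= previous;
}

/* Advances the counter and checks it immediately (the "after each
 * increment" strategy).  Returns the new value, or -1 after raising an
 * alert if the stored counter was found corrupted. */
long counter_step(long *counter)
{
    long before = *counter;
    *counter += COUNTER_STEP;
    if (!counter_is_consistent(*counter, before)) {
        alerts_raised++;
        fprintf(stderr, "alert: counter corrupted (was %ld, now %ld)\n",
                before, *counter);
        return -1;
    }
    return *counter;
}

/* Simulates a stray store into the counter between two legitimate
 * increments and returns what the next counter_step reports (-1). */
long detect_corrupted_counter(void)
{
    long counter = 0;
    counter_step(&counter);      /* 7 */
    counter_step(&counter);      /* 14 */
    counter = 15;                /* constructed corruption: not a multiple of 7 */
    return counter_step(&counter);
}

int main(void)
{
    printf("route 2 -> %d, route 3 -> %d, route 4 -> %d\n",
           route_request(2), route_request(3), route_request(4));
    printf("route 9 -> %d (unexpected, alert raised)\n", route_request(9));
    printf("corrupted counter step -> %ld\n", detect_corrupted_counter());
    printf("alerts raised: %d\n", alerts_raised);
    return 0;
}
```

The default branch fails closed (returns -1 and counts an alert) instead of falling through to the last known action, which is exactly the shortcut the text warns against; the counter check catches a corrupted value on the very next increment rather than letting it drive later decisions.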
Language-Specific Considerations
The programming language you are using also affects the types of checks you might insert. For example, in C or TAL an enumerated type is simply an integer, so a procedure that takes an enumerated variable as input should verify that the value is in the proper range before using it. In C++, however, the compiler rejects an implicit conversion from an integer to an enumerated type, so such range checks are needed less often; an explicit cast can still produce a value that matches no enumerator, which is one reason casts deserve checks of their own.
When using C++, many defects can be prevented by taking advantage of its strong type-safety features. One of the most common causes of error in C++ is incorrect use of casts; perform checks at each cast.
Whatever the language you are using, a set of well-researched programming
standards or guidelines can help prevent many errors if properly enforced.
Development Methodology
When designing and developing an application that must run with a high level of availability, your goal must be to produce high-quality code: code that satisfies the needs of your business with a minimum number of defects, produced efficiently. The following discussion presents an outline that emphasizes building quality into the application from the earliest phases of the development cycle. Only an outline is given here; several books have been written on this subject in which you can find details on how to implement this kind of methodology.
The development methodology introduced here is based on the experience that the cost of fixing a defect increases the further into the development/production cycle the defect is found. As indicated in Figure 9-1, a code defect caught during quality assurance of the product typically costs about 10 times what the same defect would cost to fix during the