-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathstability.theory.txt
56 lines (49 loc) · 3.38 KB
/
stability.theory.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
┏━━━━━━━━━━━━━━━┓
┃ STABILITY ┃
┗━━━━━━━━━━━━━━━┛
STABILITY/ROBUSTNESS ==> #Making interface predictable, i.e. avoiding errors, including with erronous input
#Pros:
# - correctness
#Cons:
# - less flexibility
# - increased complexity
ROBUSTNESS PRINCIPLE ==> #Also called "Postel's law"
#Increase robustness by:
# - being liberal in input
# - benefit: reduces erratic behavior due to wrong input
# - problems:
# - harder to implement|maintain
# - less consistency among different implementations of the same interface
# - being strict in output
#E.g. with design by contract:
# - less preconditions, exceptions
# - more postconditions, invariants
DESIGN BY CONTRACT ==> #Increase robustness by defining input, output and side effects:
# - preconditions:
# - required condition to run function
# - ex:
# - arguments types, concepts|interfaces, constraints
# - arity
# - postconditions:
# - required condition after function has run
# - does not emcompass side effects
# - ex:
# - return values types, concepts|interfaces, constraints
# - arguments state change
# - class functions pass "this" as implicit argument, so includes class state change
# - invariants:
# - like postconditions but the condition is that it did not change
# - can change in-between providing: temporariy, thread-safe, exception-safe
# - ex: const variables
# - side effects: global state changes
# - exceptions:
# - which exceptions are thrown. If any:
# - is the function exception-safe
# - postconditions are not guaranteed, but invariants should be
# - time complexity
#Can be:
# - documented
# - enforced compile-time or runtime
COMPATIBILITY ==> #See compatibility doc
TESTABILITY ==> #See testing doc
SECURITY ==> #See security doc