Developers Embrace Defensive Methods

Developers tired of software glitches that cause problems and cost money are turning to a method called defensive programming.

Developers tired of software glitches that cause problems and cost money are turning to a method called defensive programming, which can lengthen development time but reduce headaches after software is created.

Companies are offering development tools that let programmers incorporate defensive methods into their work. Wind River Systems Inc. last week released a set of pretested, integrated and embedded software platforms for various markets and a new subscription-based pricing model. "Software content is increasing rapidly, and our customers who used to build their own software are now finding they need a new approach," said Dave Fraser, group vice president and general manager of products at the Alameda, Calif., company. Wind River, which markets operating systems and tools for embedded systems, is rolling out four platforms that include the companys operating system, tools, connectivity software and firmware for vertical markets. The platforms are Wind River Platform for Consumer Devices, Industrial Devices, Network Equipment and Server Appliances.

The platforms are pre-developed and pretested by Wind River, Fraser said.

MKS Inc., of Waterloo, Ontario, in September released new versions of its software configuration management tools, including Code Integrity Enterprise, which enables developers to detect bugs in source code and detect possible bugs before compilation using built-in or customized quality assurance filters, officials said. MKS also announced integration with TogetherSoft Corp.s ControlCenter and IBMs WebSphere last week.

Putting Quality Into Code

Defensive programming includes:
  • Putting "firewalls" in code that signal anomalies
  • Executing unit testing using tools available
  • Adhering to coding standards
  • Addressing quality in the design phase
Defensive programming entails anticipating problems, designing applications and writing software code in a way that prevents bugs in the first place, developers said. Its becoming particularly important in the embedded space, with its small-footprint environments and use in such places as aircraft guidance systems and train-switching programs, they said. "Embedded is a killer, literally," said Sean Chou, chief technology officer of Chicago-based software company Fieldglass Inc. "If an embedded system has bugs, it could result in things like train derailments." Not only is quality important, but also "its important to have the right language and environment," Chou said.

Chou said Fieldglass used Parasoft Corp.s JTest testing tools, IBMs Eclipse open-source platform and IntelliJ Idea from JetBrains Inc. to weed out bugs during the development of InSite 3.3, Fieldglass staff procurement upgrade, due later this month. "I want to be proactive rather than reactive," Chou said.

Chou said part of the blame for bugs proliferating in software is that easy-to-use integrated development environments with drag-and-drop capabilities enable less-quality-conscious developers to build applications.

While programming defensively adds time on the front end of development, due to testing, "it means we spend less time reworking things on the back end," said Terrence Regis, director of software assessment and release at software developer Synygy Inc., in Conshohocken, Pa. Regis said Synygy uses a team approach to development, along with tools from Parasoft, Mercury Interactive Corp. and Starbase Corp. Synygy also uses about 50 coding standards of the more than 300 that Parasoft, of Monrovia, Calif., provides, he said.