Defensive Design

Defensive Design Principles

  • Anticipate misuses: Design the system in such a way that it’s resilient to potential misuse, like data breach attempts.

  • Input Validation: Implement robust checks to verify the accuracy and appropriateness of user data inputs.

  • Fail gracefully: When something goes wrong in the system’s operation, it should handle the situation gracefully to prevent a complete shut down.

  • Backup system: Maintain a backup of the system or data to make recovery easier in case of a system failure.

The Necessity of Defensive Design

  • Robust system: Defensive design aims to make the system robust, ensuring it functions correctly under various scenarios.

  • Increased Security: Our systems are increasingly threatened by cyber attacks. Defensive design can help mitigate such threats.

  • Prevent data corruption: By checking the validity and appropriateness of user inputs, defensive design techniques can help prevent corruption of the system data.

Common Techniques of Defensive Design

  • Data sanitisation: Ensure all incoming data is cleaned of potentially harmful elements before it’s processed.

  • Error handling: Include measures to detect errors, respond adequately, and, if possible, to correct them.

  • Testing: Routine and strict testing is an important aspect of defensive design, and it helps ensure the robustness of your system.

  • Authentication and authorisation: Implementing strong user authentication and authorisation procedures can increase the security of a system.

The Impact of Defensive Design

  • Improved User Experience: Systems that fail gracefully provide a better overall user experience as they are less frustrating for users.

  • Better Performance: Systems built with defensive design principles tend to have better performance, as they are designed to function under a host of different scenarios.

  • Improved system longevity: Systems that are robust and resilient to misuse or corruption are likely to have a longer lifespan.