3.1: Defensive Design
Defensive Design Considerations
There are several things to consider when creating a program that is secure and robust, including:
Planning ahead to take steps against potential misuse (e.g Twitter preventing the same tweet sent twice in a row).
Cleaning up data that has been input, (e.g. removing special characters to prevent a SQL injection).
Checking whether input data follows criteria and should be accepted. (e.g. length check on a password).
Checking whether data has been entered correctly (e.g. double entry).
Ensuring only authorised users can gain access to a system (e.g. passwords)
Allowing other programmers to understand the code (e.g. comments, indentation, meaningful variable names).
Validation is a process to check that data is reasonable or sensible before it is accepted.
Checks data is within a certain range.
Checks data is a certain data type.
Height (in cm):
Checks data is entered in a certain way.
Date of Birth (DD/MM/YYYY)
25th March 01
Checks that data has actually been entered and not left blank.
A table of acceptable entries, also known as a list.
Checks the length of the input is within a certain amount.
Programs should be written in a way that makes maintaining and understanding them as straightforward as possible.
Examples of making a program maintainable include:
Using subprograms to reuse code and make them easier to test. This is called modularisation.
Appropriate variable names, using a naming convention, ensure the purpose of a variable is immediately understood.
Using indentation to improve readability and clearly show each ‘block’ of code.
Comments enable a programmer to understand the purpose of each line of code. Crucial when working in a team.
Using constants is another method of improving maintainability. This keeps the program code consistent, which makes it easier to read and debug a program.
3.1 - Defensive Design:
1. Describe the different considerations a programmer should make for a defensive design. 
2. Describe the each validation check and give a suitable example. 
3. Explain the different ways a program can be maintained.