
Building cohesion into programming

Time is of the essence


The advice to take away is that organising with respect to rate of change is a form of cohesion that can improve the stability of individual abstractions and stabilise the dependencies between them (hence the reason that these have been termed the Stable Abstractions Principle and the Stable Dependencies Principle).

What happens if you apply these principles consistently and in the large? Above the level of individual classes and packages, across a whole system, the result is a layered architecture whose layers are related by rate of change (the Shearing Layers pattern describes this in detail, relating it to a similar observation about building architecture). Rate of change often aligns with other layering criteria, such as layering of kinds of abstractions, separation of technologies, grouping of developer skills, organisational structure, etc., allowing the same design to be reached and supported by different lines of reasoning.

So, how do you design a system so that it is organised with respect to rate of change? The empirical answer is that you observe the change and respond accordingly, using refactoring as the means by which you let volatile elements bubble up and stable elements sink through the layers. Iterative development lifecycles offer a useful cyclic timeline against which stability can be assessed. Reports on relative stability can be made against source code version history. From a micro-process perspective, Test-Driven Development also offers useful feedback.
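As an added illustration (not code from the original article), the following Python sketch builds such a report from version history and checks it against the Stable Dependencies Principle: it counts the commits touching each top-level package and flags any package that depends on one changing more often than itself. The log text is a constructed sample shaped like the output of `git log --name-only --pretty=format:@%h`, and the package names and dependency map are hypothetical.

```python
from collections import defaultdict

# Constructed sample, shaped like `git log --name-only --pretty=format:@%h`
SAMPLE_LOG = """\
@a1f3
ui/login_view.py
ui/theme.py

@b2e4
ui/login_view.py
service/session.py

@c3d5
ui/theme.py

@d4c6
core/crypto_iface.py
service/session.py

@e5b7
ui/login_view.py
"""

# Hypothetical dependency map: package -> packages it depends on
SAMPLE_DEPS = {"ui": ["service", "core"], "service": ["core"], "core": ["ui"]}

def churn_by_package(log_text):
    """Count the distinct commits that touch each top-level package."""
    touched = defaultdict(set)
    commit = None
    for line in log_text.splitlines():
        line = line.strip()
        if line.startswith("@"):          # commit marker from the format string
            commit = line[1:]
        elif line and commit is not None:  # a path changed in that commit
            touched[line.split("/", 1)[0]].add(commit)
    return {pkg: len(commits) for pkg, commits in touched.items()}

def unstable_dependencies(churn, deps):
    """Return (dependent, dependency) pairs where the dependency changes more often."""
    return sorted((pkg, dep) for pkg, targets in deps.items() for dep in targets
                  if churn.get(dep, 0) > churn.get(pkg, 0))

if __name__ == "__main__":
    churn = churn_by_package(SAMPLE_LOG)
    print(sorted(churn.items(), key=lambda kv: -kv[1]))
    for pkg, dep in unstable_dependencies(churn, SAMPLE_DEPS):
        print(f"refactoring candidate: {pkg} depends on more volatile {dep}")
```

Run per iteration, the flagged pairs show where a volatile element has sunk below a stable one and is a candidate for refactoring.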

It is also possible to be proactive in trying to establish an architecture based on stability. There are a number of established design practices that promote partitioning styles that are already in tune with this idea. For example, separating the things that change from the things that do not is a recurring theme in many descriptions of polymorphism.

The Gang-of-Four's advice to "program to an interface, not an implementation" encourages a style of class hierarchy design that ensures that the root of a hierarchy is as stable as possible. Having only a pure interface at the root of a hierarchy, rather than a mix of interface and implementation, removes from the root of the hierarchy (and from its dependents) any instability that arises through changes in implementation at the root level.

This OO approach of separating interface from implementation is normally motivated as an extension of information hiding, which in turn is normally associated with the concept of modular design.

Although David Parnas was not responsible for coming up with the concept of the module, he was responsible for promoting the concept and encouraging a reasoned approach to modularity. If we look closely at the original motivation for information hiding, we find that we come full circle back to the notion of designing in terms of stability. The whole point of introducing separations and boundaries was to deal with "difficult design decisions or design decisions which are likely to change", partitioning so that "each module is then designed to hide such a decision from the others".

So, what then is cohesion all about? It's all about time. Build times, stability over time, and the time taken to understand a piece of code are all related.
