Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Principles of Robust Programming
A robust program differs from a non-robust, or fragile, program by its adherence to the following four principles:
Paranoia. Don’t trust anything you don’t generate! Whenever someone uses your program or library routine, assume they will try to break it. When you call another function, check that it succeeds. Most importantly, assume that your own code will have problems, and program defensively, so those problems can be detected as quickly as possible.
Stupidity. Assume that the caller or user is an idiot, and cannot read any manual pages or documentation. Program so that the code you write will handle incorrect, bogus, and malformed inputs and parameters in a reasonable fashion, “reasonable” being defined by the environment. For example, if you print an error message, the message should be self-explanatory