State of the Art in Defensive Programming

Software is now important in almost all areas of society and is used by almost everyone, everywhere. Dependence on software, and the need for developers to secure their code, is increasing rapidly at a time of growing cybersecurity threats. Errors can have serious consequences, which is why software needs to behave in a predictable manner despite unexpected circumstances. Since it is impossible to consider all irregularities at design time, it is necessary to provide mechanisms to handle these unanticipated irregularities at run time. Defensive programming aims to provide such mechanisms. The goal of this thesis is to give an overview of the research on defensive programming. To do this I conducted a systematic literature review that included five rounds of searching for and selecting relevant literature. The research considered was published between 1990 and the time of writing of this thesis. In total, 45 journal articles and conference papers were taken into account for further processing. During extraction and synthesis the literature was categorized by key topic as well as by the following framing parameters: system focus, unit of analysis, research type, research method and publication date. The results indicate that practical research approaches are preferred to theoretical ones. Furthermore, most of the considered papers are solution proposals. Moreover, studies are most frequently conducted without focusing on a specific system. I conclude that there is a need for further defensive programming research to improve the dependability of software. In particular, further supporting tools and frameworks might help developers optimize their work.