paper 2


  • Defensive Design
    Creating a program that is secure and robust
  • Defensive Design Considerations
    • Anticipating Misuse
    • Input Sanitisation
    • Validation
    • Verification
    • Authentication
    • Maintainable code
  • Anticipating Misuse
    Planning ahead to take steps against potential misuse (e.g. Twitter preventing the same tweet from being sent twice in a row)
  • Input Sanitisation
    Cleaning up data that has been input (e.g. removing special characters to prevent a SQL injection)
  • Validation
    Checking whether input data follows criteria and should be accepted (e.g. length check on a password)
  • Verification
    Checking whether data has been entered correctly (e.g. double entry)
  • Authentication
    Ensuring only authorised users can gain access to a system (e.g. passwords)
  • Maintainable code
    Allowing other programmers to understand the code (e.g. comments, indentation, meaningful variable names)
  • Input Validation
    A process to check that data is reasonable or sensible before it is accepted
  • Validation Checks
    • Range Check
    • Type Check
    • Format Check
    • Presence Check
    • Lookup Table
    • Length Check
  • Range Check
    Checks data is within a certain range
  • Range Check
    • Age: 34 (valid), 203 (invalid)
  • Type Check
    Checks data is a certain data type
  • Type Check
    • Height (in cm): 182 (valid), Two metres (invalid)
  • Format Check
    Checks data is entered in a certain way
  • Format Check
    • Date of Birth (DD/MM/YYYY): 25/03/2001 (valid), 25th March 01 (invalid)
  • Presence Check
    Checks that data has actually been entered and not left blank
  • Lookup Table
    A table of acceptable entries, also known as a list
  • Length Check
    Checks the length of the input is within a certain amount
  • Length Check
    • Password: fluffythecat123
    • Telephone Number: 08323877319, 07383
  • Ways to make a program maintainable
    • Using subprograms to reuse code and make them easier to test (modularisation)
    • Appropriate variable names, using a naming convention, ensure the purpose of a variable is immediately understood
    • Using indentation to improve readability and clearly show each 'block' of code
    • Comments enable a programmer to understand the purpose of each line of code
    • Using constants is another method of improving maintainability
  • Testing
    The main purpose is to ensure a program works correctly no matter what input has been entered by the user
  • Other reasons to test a program
    • Ensuring user requirements have been met
    • Errors have been removed
    • The program doesn't crash while running
  • Iterative testing
    Programmer develops a module, tests it, and repeats this process until the module works as expected
  • Final testing
    1. Takes place after development and before the program is released to the end user
    2. Ensures the whole program works as originally expected
  • Syntax error
    • A mistake in the grammar or spelling of the program
    • Prevents the program from being compiled
  • Syntax errors
    • Incorrect spelling: pront("hello")
    • Incorrect punctuation: print("hello"(
  • Logical error
    A mistake made by the programmer - the program still works but displays the wrong output
  • Logical errors
    • Incorrect calculation:
        total = num1 - num2
        print(total)
    • Incorrect variable printed:
        age = 16
        name = "Steve"
        print("Nice to meet you", age)
  • Types of test data
    • Normal data - Sensible data the program should accept and process
    • Boundary data - Data at the extreme boundary of any data ranges
    • Invalid (erroneous) data - Data the program cannot process and should not accept
  • Define computational thinking.
    Solving problems that can be implemented by a computer system is known as computational thinking.
  • Define abstraction.
    Abstraction is the process of removing unnecessary details of a problem to focus on the important features to implement in a solution.
  • Define decomposition.
    Decomposition is the process of breaking down a large problem into a set of smaller problems to make the problem easier to solve.
  • Low-level language
    A low-level language is a programming language that directly translates to machine code understood by the processor.
  • First generation language
    Machine code is a first-generation language where instructions are directly executable by the processor and written in binary code.
  • Second generation language
    Assembly code is a second-generation language that uses mnemonics that correspond almost exactly to machine code instructions.
  • High-level language
    A high-level programming language uses English-like statements to allow users to program with easy-to-use code.
  • State two advantages of high-level languages.
    The advantages of high-level languages are that they are easier to:
    • read
    • write
    • debug
    • maintain.
  • State two disadvantages of high-level languages.
    The disadvantages of high-level languages are:
    • users cannot directly manipulate hardware
    • the program may be less efficient.
  • Give one example of a high-level programming language.
    Examples of high-level programming languages include:
    • Python
    • Java
    • Basic
    • C++.
  • Translator
    A program that translates program source code into machine code so it can be executed by a processor
  • Compiler
    A translator that translates high-level languages into machine code all in one go, typically used when a program is finished
  • Interpreter
    A translator that translates high-level languages into machine code one line at a time as the program runs
  • Assembler
    Used to translate low-level assembly code into machine code
  • Compiler
    Translates the entire program code at once
  • Interpreter
    Translates line by line as it executes