Design by contract, also known as contract programming

Contract for Quality or Contract Programming

The problem of improving quality of software worries everyone from programmers and managers to ordinary users. In this article, we will talk about "contract programming" (also known as design by contract) – an approach to designing software that involves using special preconditions and postconditions for methods and invariants for classes. These conditions control the proper operation of the methods and the correctness of the objects status.

The term "contract programming" was coined by Bertrand Meyer, author of Eiffel programming language. This general-purpose object-oriented language appeared in 1986. It did not become a mainstream language. However, until now it is being developed by Eiffel Software Company. It has its niche in areas where reliability of software is critical and it is well suited to handle complex and large projects. According to the Eiffel Software statistic, 90% of errors are identified and corrected at the stage of development, thanks to built-in support of contract programming.

Eiffel has very interesting capabilities and the contract programming constructs have become its integral part from the very beginning. Let's review the principles of contract programming technique by the example of program in Eiffel:

                  -- Common Era date

          set (y: INTEGER, m: INTEGER, d: INTEGER) is
                  -- A new date
                  0 <= y
                  1 <= m and m <= 12
                  1 <= d and d < 31
                  year := y
                  month := m
                  day : = d
              end -- set

          to_string: STRING is
                  -- Printable representation
                  Result := year.out
                  Result.append_character ('.')
                  Result.append_character ('.')
                  result_exists : Result /= Void
              end -- to_string

      feature {NONE}
          year: INTEGER

          month: INTEGER

          day: INTEGER

          0 <= year
          1 <= month and month <= 12
          1 <= day and day <=31
          month = 2 and day <=29
          (month = 4 or month = 6 or month = 9 or month = 11) and day <= 30

      end -- class DATE_AD

This is a listing of DATE_AD class for storing the dates of AD. In the feature {NONE} block, three closed class members for year, month and day are defined. The feature block defines a public method set, which allows defining the date. In this method the preconditions (require block) for the input data validation checks are specified. To_string method returns a text representation of the date and there is a postcondition in this method (require block) that the result must not be empty. In block invariant, the conditions on the state of the DATE_AD class objects are set. The contracts are inherited by subclasses and they can be extended with new, more strict ones.

There are several levels of control that postconditions, preconditions and invariants are met. At the development phase, in EiffelStudio it is possible to keep track of all contacts. In the production mode, when it is necessary to maximize performance, the monitoring may be turned off or may be used selectively: preconditions only, selected classes only, etc. When a behavioural or interface contract is broken, it throws an exception, which can be processed.

The style of programming in Eiffel is conducive to writing self-documenting code. The contracts are not only monitored at program run-time, but they are also used to generate documentation by means of the Eiffel development tools. The description of subclasses includes contracts of all base classes.

"Contract programming" is not limited to Eiffel. Some popular programming languages that originally involved the means of contract programming are Ada 2012, Clojure, D, Racket (Plt-Scheme). In other languages the support of the contract programming technology is added by external libraries: C and С++, C#, Java, JavaScript, Lisp, Perl, PHP, Python, Ruby. Not all implementations are comparable in capabilities to Eiffel. However, using even the simplest constructs of contract programming improves the code quality:

  • Validating contracts on both development and exploitation stages.
  • Self-documentability of the program. The contract, as an integral part of the code, documents the interface and implementation of the class. Moreover, such description of the class is always up to date.
  • Declarative description of the contracts apart from the methods. This allows you to focus on implementation of business logic and not to waste efforts on checking the input parameters and results, as well as complex logic of monitoring the correctness of object states.
  • Control of the consistency and semantic integrity of the class hierarchy. The contract of base class can be tightened in a subclass, but still remains mandatory for execution. If the method returns a positive number, then the overridden method cannot return negative numbers.

In conclusion, here is a list of resources that will help you to dip deeper into the contract programming concepts and find the libraries for your software platform.

  1. Eiffel documentation – the main website of the documentation for Eiffel language and the products of Eiffel Software company.
  2. Design by contract – the general information about contract programming with a list of languages and libraries that support this software designing method
  3. Racket's contract system – Racket (formerly named Plt-Scheme) documentation that includes implementation of the higher-order contracts.