Discussion in software design literature, under such names as separation
of concerns, information hiding, modularity, encapsulation, etc, is
massive. However, I have never seen a concise summary so I wrote this.
Introduction
The fundamental problem facing software development (complexity) and the most important approach to tackling it (the principle of divide and conquer). Of course, that is just the start of the story. The real challenge is to find the best way to divide a problem in order to conquer it.
In general, approaches to this are the subject of just about every
book you have read or will read about designing software - ie, the best
way to split a problem into smaller and smaller sub-problems which are
more easily tackled. Here I distill the essence of commonly described
techniques as well as adding a few approaches of my own.
Modules and Interfaces
There are many names given to
software components designed to handle specific problems and
sub-problems. I am going to use the word module.
Of course, a large module will use sub-modules to handle it own particular sub-problems. At the highest level a module may be a program or tool (or even a suite of programs) which is part of a larger system. At the lowest level a module is
a function or procedure. In C, it is common to have clearly defined
modules at the source file level. In OO languages like C++, Java, and
C# the most common type of module is a class, which may or may not correspond to a single source file.
Another important idea is what I will call the interface. This is simply what a module exposes to the outside world. By definition, all communications between modules take place through interfaces. In C and C++ the interfaces to most modules are typically specified in individual header files (typically in a .H file with the same name as the corresponding .C file).
Techniques
SRP
One of the simplest, and most obvious, ideas is that a module should
do just one thing. This idea is ubiquitous in the history of software
design. For example, one of the basic design principles of UNIX is that
a tool (or any module) should do just one thing (and do it well). This is what is commonly discussed when people talk about separation of concerns. More recently the name SRP (single responsibility principle) has become popular.
Although the idea is simple it is not always easy to recognize when a module is
doing more than one thing. For example, many potentially simple
routines are often overwhelmed by ancillary concerns, such as data
initialization, data retrieval, data conversion, global state
management, error handling, logging, etc. When queried on why the code
is structured that way the designer/developer is unaware of how to
separate the concerns or even oblivious to the advantages of doing so.
Further, it is often not possible to separate concerns without access to
(or understanding of) the necessary technique or technology. There
have many technologies that have been created for this very reason, such
as:
- function pointers: being able to pass around a pointer to code makes many patterns of modularity possible (see my previous posts on IOC and DI)
- object-oriented: sometimes a function pointer is not enough; OO technologies also allow data and code (methods) to be handled as one
- exception handling: allows error handling code to be separated from normal flow of control
- multi-tasking: allows separate processes to run simultaneously with controlled interactions
- aspect-oriented: allows "cross-cutting" concerns to be isolated from the rest of the code
- generics: allows concerns to be separated from the rest of the software in a way that does not reduce performance or sacrifice type-safety
Another good example is from my previous post on Dependency Injection. It is not obvious that comparison can be separated from sorting which might result in the design of Diagram 2.
Once you realize that the sorting algorithm does not need to know the
details of how two elements are compared (only that the elements can be
given an ordering) a better separation of concerns can be achieved as in
Diagram 3.
DRY
Another basic idea is to eliminate duplicate code, and is often known by the acronym DRY (Don't Repeat Yourself). It is closely related to SRP since if module boundaries
are well chosen then the likelihood of duplicate code is reduced.
Duplicate code is not only a maintenance problem it's also indicative
of a poor design in general.
Similarly to SRP there are two problems with DRY: recognizing that two or more pieces of code have commonality; and isolating that commonality.
It can be hard, just inspecting two different pieces of code, to detect
any commonality. For example, the code to sort an array of strings may
bear no resemblance to code for sorting a linked list of structures.
The original designer should be aware that both pieces of code are
performing a sorting operation and attempt to isolate it into a separate
module (or re-use an existing sort module).
Of course, sorting is a fairly obvious operation, but a designer may
have much more difficulty finding and separating other pieces of
commonality. Generally, this takes practice and a little lateral
thinking but mainly depends on the ability of the designer.
A common pattern when duplicate code is found is to isolate it into a separate module.
Duplicate Code Moved to a New module.
Information Hiding
An important part of the design of modules is the idea that implementation details should be hidden from the outside. This means designing an interface that does not expose internal details that may need to change. It also means hiding private methods and data from outside use.
What is Information Hiding?
Some authors consider information hiding to be the
principle behind good module design. I use the term simply to mean
hiding details of a module's implementation from the outside world.
A common problem is that an interface will expose details of the module's implementation. In C++ this is often due to using public data members. For example, consider a 2-D rectangle class that exposes four numbers: bottom, left, top and right;
which are effectively the the coordinates of two corners of the
rectangle. If, for some reason, the implementation needs to be changed
to use the bottom, left corner plus height and width it is not possible
without changing the interface. Further, a rectangle like this can only have sides parallel to the axes - what if you wanted to add the ability to rotate?
Another problem is when internal parts of the module are accidentally left visible. For example, in C it is not unusual for functions internal to a module to
be globally visible. This can cause maintenance problems, such as name
conflicts or accidental use of similarly named functions. Anything
that is not hidden effectively becomes part of the interface, since it could potentially be used from another module. Module-private functions in C should always be declared static to avoid their name being globally visible, in the same way as functions internal to a class in C++ should be declared private.
It should be obvious that using a simple, well-defined interface (that only exposes information on what the module does
not how it does it) has many advantages. It enhances maintainability
and portability. Possibly more importantly, it improves understandability of what the module does, which in turn helps you to understand interactions between modules and verify that the overall design is consistent.
Decoupling
Another piece of software design jargon is coupling which is simply how much modules depend on each other. The aim is to remove dependencies as much as possible. This partly depends on information hiding but also relates to how modules themselves are inter-connected. Decoupling has large benefits for the maintainability of software. Loosely coupled modules allows changes or improvements in one module to be made easily without affecting (or introducing the possibility of inadvertently affecting) other parts of the code.
If two modules are tightly coupled then there is a lot of interaction between them, which if taken to extremes means they effectively become one module. When most or all modules are tightly coupled you end up with the Ball of Mud anti-pattern.
For effective decoupling, module interfaces should be as simple as possible, visible and well-defined (see information hiding above). One indicator of poor decoupling is when a minor change to a system requires changes in multiple places.
However, decoupling goes further than just having good interfaces. Suppose, we have six well-designed modules that each perform a single function with simple, well-understood interfaces. If each module depends on every other module then there is a high degree of coupling between the modules.
Tightly Coupled Modules.
A good design will try to organize the modules into a hierarchy so that each module is only dependent on a few other modules and
there are no circular dependencies. A hierarchy make the interactions
easier to comprehend. A graph of the dependencies will be a tree or DAG
(directed acyclic graph). Here is an example:
Loosely Coupled Modules
Encapsulate what Varies
A major purpose of dividing software into modules is to enhance
its maintainability. The are other advantages such as
understandability, re-usability, verifiability, etc, but in my opinion maintainability is the most important quality attribute of most software - yes even more important than correctness. (See my blog Developer Quality Attributes.)
Software Designer's Jargon
Encapsulation, modularity, information hiding, reducing coupling,
increasing cohesion, etc are all terms that are used in software design
literature to describe the same idea of decomposing a design into
modules and reducing the coupling between those modules. Different
people have slightly different interpretations of these terms but the
important thing is to understand the ideas, not to be too fussed about
the jargon.
Hence it makes sense that, when splitting a design into modules, you should try to isolate the parts of the system that are likely to change. This is given the software design catchphrase encapsulate what varies.
Flexible Interfaces
Having well-defined interfaces means that modules can be changed more easily, but often enhancements are required that mean the actual interface to a module needs to change. Just having a simple, well-defined interface is not enough -- it's also important to have flexible interfaces that support forwards (and even backward) compatibility.
I think an example (in C/C++) is in order, to clarify this. Imagine we
have module A that enquires of module B the price of a stock using a
function call like this:
/* moduleB.h */
extern long moduleb.get_price(const char * stock_code);
/* moduleA.c */
price = moduleb.get_price("GOOG"); // get Google's stock price
Now imagine this needs to be enhanced to allow the price of the stock to
be obtained at any time in the past. In C++ we can add a defaulted
time parameter like this:
/* moduleB.h */
extern long moduleb.get_price(const char * stock_code, time_t time = (time_t)-1);
/* moduleB.cpp */
long get_price(const char * stock_code, time_t time)
{
if (time == (time_t)-1)
time = time(NULL); // default parameter value uses current time
...
/* moduleA.cpp */
price = moduleb.get_price("GOOG");
...
price = moduleb.get_price("MSFT", open_time);
This allows the old module A to work with the new module B without any code changes. This facility (of C++) is useful but module A stills needs to be rebuilt because the defaulted parameter is added by the compiler at compile-time.
If you try to use the old module A with the new Module B or the old
module B with the new module A you will get a link error (for statically
linked libraries) or a run-time error if using dynamic libraries.
A more flexible interface would allow optional parameters to be passed at run-time. This is often accomplished using a text-based interface.
/* moduleB.h */
extern long moduleb.get_price(const char * params);
/* moduleA.c */
price = moduleb.get_price("code=GOOG");
Now if we enhance module B to accept a time then module A can be enhanced like this:
/* moduleA.c */
price = moduleb.get_price("code=GOOG, time=10:00");
If the old module A calls the new module B it behaves exactly as before, for backward compatibility. That is, if the time parameter is missing the new module B should use the current time.
Also if the new module A calls the old module B then it can also behave sensibly, if it has been designed to be forward compatible.
That is, the original module B should ignore anything it does not
understand, such as the time parameter. Of course, this means that the
current stock price will be returned instead of the price at 10:00, but
this may be preferable to a run-time error.
Of course, the disadvantage of the above system is that you need extra
code to create and parse the text strings. This is one reason that XML
is very popular for decoupling modules. The main advantage of
XML is that the parsing and validation can be done for you by using a
DTD or schema. There are other advantages to using XML such as the
plethora of code and tools available and the fact that there are
standardised, culture-neutral formats for numbers, dates, etc.
Dual Interfaces
Generally modules are written to only provide one interface to the outside world.
The inspiration for this idea came from the use of the "const" keyword
in C+ and C, and const iterators in STL. It allows you to pass a
pointer (or reference) to a function and be sure that the function does
not modify the object pointed to.
One technique that I have found useful is to provide two interfaces: one interface is read-only (ie is just used for enquiry) and a separate interface is
provided that allows making changes. When understanding the overall
design of a system it is often very useful to know that one module does not affect another even though it may use it.
Using two interfaces in this way can help you to understand the design. (Having more than two interfaces may indicate that you module violates
SRP.) For example, it is not uncommon to find a container passed to a
method and not be sure that the method does not modify the contents of
the container.
As a more complete example, consider a simple spreadsheet program that I once implemented using MFC. MFC use a Document-View architecture which is an example of the Observer Pattern and a simplification of MVC (where the MVC model is called the Document in MFC and the MVC View and Controller are combined into the MFC View class). Note that this is a good example of decoupling as the model need know nothing of its views - to update the views it simply broadcasts a message to which all attached views subscribe.
In MFC the model or Document is essentially a 2-d array that stores the data of all the cells of the spreadsheet. The model class
provides many methods for modifying the data such as changing the
contents of cells, deleting rows or columns etc. There are also methods
that just retrieve information, such as cell contents.
In this design you can have multiple views connected to the same model. For example, you could have two table views in split windows that show different parts of the model in the normal tabular format of a spreadsheet. You could also have a other types of view such as a graph view which shows the spreadsheet data as a bar or pie graph. This is shown in the following UML class diagram.
UML Diagram showing Model-View Associations.
The problem with this diagram is that the table and graph views appear equivalent. In reality, the table view can make changes to the model, such as editing the contents of a cell, but the graph view
only reads the data. Unfortunately, in a UML class diagram such an
association is represented by a dotted arrow and there is no way to
differentiate between an association that modifies an object from one
that only retrieves information.
Eliminate Unused Code
Unreachable code is code that can never be executed when the software
runs. It is similar to redundant code in that it can be indicative of a
poor design -- though it is can be just an oversight. To find such
code a code coverage tool should be used to make sure your
tests exercise all the code. If code is not executed then create tests
that cover it; if that is not possible remove the code.
One way I have seen unused code created is through misuse of
inheritance. If derived classes always override a method then there is
no point having a base class implementation. This typically indicates
that the classes should be inheriting from an abstract base class (or an
interface in C#/Java).
Conclusion
This post has looked at some techniques for deciding how to split a design into modules, how to design interfaces,
and how to recognize a design that needs improvement. Generally, good
design requires experience and a readiness to learn new ideas, such as
the design patterns discussed in the Design Patterns book that I have mentioned in previous posts.
Most software developers understand the benefits of decomposing a large program into modules.
In reality, the best way to do so is not always obvious and
consequently most software still suffers from poor design. In my next
post I will look at a common approach which is often used, but is rarely
appropriate. It is perhaps one of the worst design anti-patterns.
No comments:
Post a Comment