CS/SWE 332 Assignments 12 and 13
Tools: Contracts, Security, Agile, Testing, Enums
You have a choice of possible assignments.
Choose one for assignment 12 and another (different one) for assignment 13.
In each case, the deliverable is a story.
Write a brief report,
and include enough evidence
(output, screen shots, etc.)
that the GTA can figure out that you actually completed the assignment.
Bring up the C# contracts mechanism in VisualStudio.
Translate one of Liskov's examples to C# and implement
the contracts with the Code Contracts mechanism.
Consider one of the
copyOf() methods in the java
Arrays utility class.
Bloch uses this method in his
Code a corresponding method in C++, changing the argument list as necessary.
Provide a specification for the C++ code by
translating the JavaDoc and adding preconditions as necessary.
Explain what this exercise demonstrates about C++ type safety.
For most of the semester, we have focused on
design considerations for constructing software
that does something we want it to do.
For this last assignment, I would like students
to appreciate just how vulnerable software is
to malicious parties intent on attacking their
Students who find this assignment amusing might
wish to take CS 468: Secure Programming and Systems.
There are two attacks documented in Bloch's
Item 76: Write
readObject() methods defensively.
One is called
and the other is called
Implement either (your choice) of these attacks (basically involves
typing in code from Bloch) and verify that the attack takes place.
- Find some existing code that uses the "int enum pattern"
and refactor it to use Java Enums instead.
Identify any type-safety issue you uncover in the existing code.
To make the exercise interesting,
extend your enums beyond simple named-constants
in one of the ways discussed by Bloch in Item 30.
Do one of the following, depending on your current Agile expertise:
Work through a simple TDD example
one step at a time.
Don't skip anything.
Koskela, Chapter 2, has an excellent example.
Koskela is available online through the GMU's subscription
to the Safari service:
Off Campus Safari Link.
Continuous Integration Novice:
(or some combination).
Use these tools to set up some toy Java project
for continuous integration.
For realism, you should set up version control as well.
One possibility is Subversion.
Another, now more popular, one is GitHub.
Regular JUnit User:
Download a mocking tool such as
and set up some interaction-based tests.
Koskela has examples.
Download and explore some Agile tool with which you are currently unfamiliar.
Convert an existing JUnit test set to JUnit
If you wish to construct JUnit from scratch for this, that's fine too.