Systems Playbook

Verification Over Authorship

Categories
Design
Sources
Fundamentals of Software Architecture, Refactoring (Martin Fowler, 2nd edition), Site Reliability Engineering (Google), The Pragmatic Programmer, Threat Modeling (Adam Shostack)

The durable difficulty in software was never typing the code; it was deciding what the code should do and establishing that it actually does it. Producing an implementation is the cheap, fast part; specifying intent precisely and verifying correctness is the scarce, hard, lasting work. As authorship gets cheaper, value concentrates in verification: the contracts, tests, checks, observation, and adversarial analysis that establish a system is right, not merely that it runs.

Reinforced By

  • Design by Contract — state expectations explicitly so correctness is checkable, not assumed.
  • Automated Testing — establish that behavior is preserved by running checks, not by inspection or hope.
  • Fitness Functions — keep the architecture's qualities honest over time with automated, objective checks.
  • Fail Fast — surface violations of what should be true loudly and at their source.
  • Observability — verify behavior where it actually runs, in production, not only in theory.
  • Threat Modeling — verify against an adversary: establish not just that it works, but that it cannot easily be made to fail.

Why it Matters

Every source places the hard work after authorship, in establishing correctness. The Pragmatic Programmer makes assumptions explicit and checkable with contracts and assertions; Fundamentals of Software Architecture keeps qualities honest with fitness functions; Refactoring depends on a trustworthy test suite to change code safely; Site Reliability Engineering verifies running systems through observation and manages them to a measured reliability target; Threat Modeling verifies against adversaries by enumerating how a system can be made to fail. Across software craft, architecture, refactoring, operations, and security the pattern is identical: writing the code is necessary but is neither where the difficulty lies nor where the durable value is. Deciding what is correct, and demonstrating that it is, hold their value no matter how the code gets written.

Tension

Verification has a cost paid now against a benefit that is diffuse and deferred, so it loses to delivery pressure the same way design investment does. And verification can be performed badly, tests coupled to implementation, vanity metrics, checklist security, so that it manufactures false confidence instead of real assurance. Verifying the wrong things thoroughly is its own failure.