Insecurity by Contract

Phillip L. Nico
Clark S. Turner
Kimberly K. Nico

Department of Computer Science
California Polytechnic State University
San Luis Obispo, CA 93407

Abstract

Design by Contract (DBC) is a design methodology that promotes software reliability and reusability by requiring each component module to have a well-specified interface, while leaving a module's behavior undefined if its requirements are not met. The DBC methodology may well lead to software with fewer overall faults, but its lack of interface validation encourages the class of failures that, through error propagation, results in violation of security policy. In this paper we explore the interaction of the tenets of the Design by Contract methodology with the requirements of system security.
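The following is an added illustration of the abstract's point, not code from the paper: a DBC-style lookup whose precondition check is disabled in a release configuration, beside a version that validates the same condition as part of its interface. The privilege table, the `require` helper and the `resolve_role` caller are constructed for the example.

```python
"""Contract-only interface vs. validating interface (constructed example).

The DBC module states a precondition on its index argument and treats a
violation as undefined behaviour. A caller that forwards an untrusted
request field breaks that precondition; because the contract check is off
in the release configuration (the analogue of NDEBUG or `python -O`), the
bad value propagates into a result the security policy forbids.
"""

CHECK_CONTRACTS = False  # release-build setting: contract checks are off

PRIVILEGE_TABLE = ["guest", "user", "operator", "admin"]  # constructed data


def require(condition: bool, message: str) -> None:
    """DBC precondition check; a no-op when contracts are disabled."""
    if CHECK_CONTRACTS and not condition:
        raise AssertionError(message)


def privilege_by_contract(level_index: int) -> str:
    """DBC module: the caller promises 0 <= level_index < len(table).

    Outside the contract nothing is defined; here Python's negative
    indexing quietly maps -1 onto the last, most privileged entry.
    """
    require(0 <= level_index < len(PRIVILEGE_TABLE), "index out of range")
    return PRIVILEGE_TABLE[level_index]


def privilege_validated(level_index: int) -> str:
    """Validating module: the range check is part of the interface."""
    if not isinstance(level_index, int):
        raise TypeError("level_index must be an int")
    if not 0 <= level_index < len(PRIVILEGE_TABLE):
        raise ValueError(f"level_index {level_index} out of range")
    return PRIVILEGE_TABLE[level_index]


def resolve_role(request_field: str, lookup) -> str:
    """Caller that trusts a request field after a bare int() parse.

    int("-1") succeeds, so the fault is only caught if the lookup it is
    forwarded to validates its input; otherwise it propagates silently.
    A validating lookup lets the caller fail closed.
    """
    try:
        return lookup(int(request_field))
    except (TypeError, ValueError):
        return "denied"
```

With contracts disabled, `resolve_role("-1", privilege_by_contract)` returns "admin" while `resolve_role("-1", privilege_validated)` returns "denied".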

Full paper appears in Proceedings of the 2004 IASTED International Conference on Software Engineering and Applications (SEA), Cambridge, Massachusetts, November 2004.