Skip to main content

Boundary Breaks

Scope

The target is states in which assumptions about boundaries separating the inside and outside of a system can no longer be maintained. What is addressed here is not specific external APIs or communication methods, but types of breakdown observed during operations.

Definition

Boundary breaks describes a state in which assumptions such as input format, response content, availability, and temporal constraints that were assumed to hold when a system interacts with the outside partially collapse, and internal processing no longer holds based on those assumptions.

Symptoms

  • Unexpected input or responses cross boundaries and internal state cannot be handled as assumed
  • Situations are observed where changes to external specifications affect assumptions of internal processing without being detected
  • Situations are observed where timeouts or partial failures are incorporated into happy-path assumptions rather than treated as exceptions
  • Situations are observed where responsibility and decisions crossing boundaries are treated as part of internal logic

Typical Triggers

  • States continue where the behavior of external systems is embedded in code as implicit assumptions
  • States are treated as assumptions where error handling or fallback is partially implemented
  • Input is trusted while verification of boundary conditions is omitted
  • Operations continue without assumptions regarding boundaries being made explicit

Diagnostic Questions

  • Is it a state where values passed from the outside are trusted unconditionally? Is it a state where guarantees and non-guarantees at boundaries can be clearly explained?
  • Is it a state where states during timeout or failure can be grasped?
  • Is it a state where paths through which changes crossing boundaries propagate internally can be enumerated?

What This Is Not

  • This does not indicate best practices for API design
  • This does not aim to completely eliminate external dependencies
  • This does not refer to single communication errors or failure cases

Connections

Last updated on by Hiroshi Kurabayashi