Application Security Testing: An Integral Part of DevOps
I mentor the robotics team at a local high school. Recently, I was reviewing the code of a couple students when I came across what appeared to be some very complex boolean logic. The code was using the input from several sensors to determine what to do next. Following the logic when there are only a couple booleans to take into account is not that bad, but what do you do when you are evaluating 6-8 different variables? The logic can get confusing very quickly. The first step I suggest taking is to try to simplify the boolean logic. Here are some basic rules you can apply to try to reduce your boolean logic complexity:
1. !(!x) == x 2. x | x == x 3. x | !x == true 4. !x | !y == !(x & y) - DeMorgan's Theorem 5. !x & !y == !(x | y) - DeMorgan's Theorem 6. x & x == x 7. x & !x == false 8. x | y == y | x - Commutative Law 9. x & y == y & x - Commutative Law 10. (x | y) | z == x | (y | x) - Associative Law 11. (x & y) & z == x & (y & z) - Associative Law 12. x & y | x & z == x & (y | z) - Distributive Law 13. (x | y) & (x | x) == x | (y & z) - Distributive Law 14. x | x & y == x 15. x & y | x & !y == x 16. (x & y) | (!x & z) | (y & z) == (x & y) | (!x & z) 17. (x | y) & (!x | z) & (y | z) == (x | y) & (!x | z) 18. x & (x | y) == x 19. (x | y) & (x | !y) == x
This is by no means a comprehensive list. Applying these simple rules, however, could take logic that is nearly impossible to understand and make it comprehendible. In my case, what appeared to be very complex logic boiled down to four if statements, each of which only needed to evaluate two variables. Boolean logic isn't the only place this type of thinking can help. Any time you come across code that is hard to understand, see whether there is a means to simplify the logic or remove conditions. The code will be much easier to follow and the next person who has to maintain the application will thank you.
About the Author
Jay Miller is a Software Engineer with Electronic Tracking Systems, a company dedicated to robbery prevention, apprehension, and recovery based in Carrollton, Texas. Jay has been working with .NET since the release of the first beta and is co-author of Learn Microsoft Visual Basic.Net In a Weekend. Jay can be reached via email at firstname.lastname@example.org.