Flater, D.
(2015),
Defensive code's impact on software performance, Technical Note (NIST TN), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.TN.1860
(Accessed October 10, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Defensive code's impact on software performance
Published
Author(s)
Abstract
Defensive code is instructions added to software for the purpose of hardening it against uncontrolled failures and security problems. It is often assumed that defensive code causes a significant reduction in software performance, which justifies its omission from all but the most security-critical applications. We performed an experiment to measure the application- level performance impact of seven defensive code options on two different workloads in four different environments. Of the seven options, only one yielded clear evidence of a significant reduction in performance; the main effects of the other six were either materially or statistically insignificant.Citation
Technical Note (NIST TN) - 1860
Report Number
1860
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created January 26, 2015, Updated November 10, 2018