System Design (LLD)Validating the Design

Validating the Design

LevelIntermediate

Duration60 mins

TopicValidating the Design

1 / 4

Design Review Checklist

The Critical Gap Between Design and Validation

In the high-stakes world of software engineering, a beautifully crafted design means nothing if it crumbles under the weight of real-world requirements. Every experienced engineer has witnessed the painful reality: designs that looked elegant on the whiteboard but failed spectacularly in implementation. The difference between success and failure often lies not in the creativity of the design, but in the rigor of its validation.

Design validation is not a checkpoint you pass through once—it's a continuous discipline that separates professional engineering from amateur experimentation. This page presents a systematic, battle-tested approach to design review that will transform how you evaluate your own work and the work of others.

What You Will Master

By the end of this page, you will possess a comprehensive design review checklist that addresses requirements coverage, structural integrity, behavioral correctness, operational readiness, and maintainability. You'll understand not just what to check, but why each checkpoint matters and how to evaluate it effectively.

Why Design Review Matters

Before diving into the mechanics of design review, we must understand why this discipline is non-negotiable for professional software development.

The Cost Amplification Effect:

Defects found during design review cost approximately 10-100x less to fix than the same defects discovered during testing, and 100-1000x less than those found in production. This isn't hyperbole—it's empirically validated across thousands of projects. A flawed class hierarchy that takes 30 minutes to reconsider during design can require weeks of painful refactoring once code is written, tests are in place, and dependencies have formed.

The Knowledge Crystallization Problem:

While you're actively designing, you hold the entire context in your mind: the requirements, the constraints, the alternatives you considered and rejected, the subtle reasoning behind each decision. This knowledge evaporates rapidly. A design you created last week is already harder to understand than one you finished yesterday. Systematic review captures and validates this knowledge before it fades.

Cost of Defects by Discovery Phase
Discovery Phase	Relative Cost	Impact	Recovery Difficulty
Design Review	1x (baseline)	Easily corrected on paper	Trivial—redraw diagram
Implementation	10-25x	Code rewrite required	Moderate—localized changes
Unit Testing	25-50x	Cascading test failures	Significant—multiple components
Integration Testing	50-100x	Cross-component breakage	High—coordination required
Production	100-1000x	Customer impact, reputation	Extreme—emergency response

The Illusion of Speed

Teams that skip design review to 'move faster' invariably end up slower. The time 'saved' by rushing through design is repaid with compound interest during debugging, refactoring, and production firefighting. Design review is not overhead—it's an investment that pays dividends throughout the project lifecycle.

The Comprehensive Design Review Framework

Effective design review requires a structured framework that ensures comprehensive coverage while remaining practical to apply. The following framework organizes review activities into five interconnected dimensions, each addressing a critical aspect of design quality.

The Five Dimensions of Design Validation:

Design Review Dimensions

•Requirements Alignment — Does the design fully address what we need to build? Are functional and non-functional requirements covered?
•Structural Integrity — Is the class and component structure sound? Are responsibilities clearly assigned? Is the architecture coherent?
•Behavioral Correctness — Will the design produce correct behavior? Are edge cases handled? Are invariants maintained?
•Operational Readiness — Can this design be deployed, monitored, and maintained? Are operational concerns addressed?
•Evolution Capability — Can this design adapt to anticipated changes? Is it extensible without major surgery?

Each dimension contains specific checkpoints that together form a complete validation regime. Unlike ad-hoc review, this structured approach ensures that critical aspects are never overlooked, regardless of time pressure or reviewer fatigue.

The Checkpoint Mindset:

Each checkpoint in our framework is formulated as a concrete, answerable question. Vague checkpoints like 'Is the design good?' are useless—they invite subjective hand-waving and miss specific issues. Instead, we ask precise questions: 'Does every class have a single, well-defined responsibility?' This precision enables objective evaluation and constructive discussion.

Dimension 1: Requirements Alignment Checklist

The most fundamental design failure is building the wrong thing. Requirements alignment ensures that before evaluating how well something is designed, we confirm that it addresses the actual problem.

Functional Requirements Coverage:

Functional Requirements Checkpoints

•Requirement Traceability: Can every functional requirement be traced to specific classes, methods, or components in the design? If a requirement cannot be located in the design, it will not be implemented.
•Use Case Walkthrough: Can you 'execute' each primary use case by walking through the design? For each user action, can you trace the flow through classes and methods to the expected outcome?
•Data Completeness: Are all required data entities represented? Do entities have the attributes necessary to support all operations?
•Interface Completeness: Do public interfaces expose all operations needed by external actors? Are input and output contracts clearly defined?
•Constraint Enforcement: Are business rules and constraints explicitly represented? Are validation points identified for each constraint?

Non-Functional Requirements Coverage:

Non-functional requirements (NFRs) are frequently neglected during design, then discovered as crises during load testing or production deployment. Proactive validation prevents these surprises:

Non-Functional Requirements Checkpoints

•Performance Feasibility: Are there any algorithmic bottlenecks (O(n²) or worse operations on potentially large collections)? Are hot paths identified and optimized?
•Scalability Design: How does the design behave as load increases? Are there shared resources that become contention points? Is horizontal scaling possible?
•Reliability Mechanisms: How are failures handled? Are there retry mechanisms, circuit breakers, or fallback behaviors for external dependencies?
•Security Integration: Where are authentication and authorization enforced? Are sensitive data flows identified and protected?
•Observability Hooks: Are logging, metrics, and tracing integrated into the design? Can operators understand system health from outside?

The Missing Requirement Anti-Pattern

If your design satisfies all stated requirements but feels incomplete, trust that instinct. Ask: 'What will users expect that wasn't explicitly written?' Requirements documents capture the obvious cases—experienced designers anticipate the implicit expectations and error conditions.

Dimension 2: Structural Integrity Checklist

Structural integrity addresses the internal coherence of the design—whether classes and components are well-formed, properly organized, and correctly related to each other.

Class Design Quality:

Class Design Checkpoints

•Single Responsibility: Does each class have one clear purpose? Can you describe what the class does in one sentence without using 'and'?
•Cohesion Check: Do all methods and attributes of a class relate to its single purpose? Are there attributes or methods that seem out of place?
•Naming Clarity: Do class names accurately describe their role? Would a new team member understand the purpose from the name alone?
•Abstraction Level Consistency: Is each class at a consistent level of abstraction? Does it mix high-level business logic with low-level technical details?
•State Management: Is class state minimal and necessary? Are there opportunities to make classes immutable or reduce mutable state?

Relationship Validation:

Relationship Checkpoints

•Inheritance Correctness: Does inheritance represent true 'is-a' relationships? Could any inheritance be replaced with composition for greater flexibility?
•Composition Appropriateness: Do 'has-a' relationships correctly model ownership and lifecycle? Are dependencies clearly expressed?
•Coupling Assessment: Are dependencies between classes minimized and well-justified? Can you modify one class without cascading changes to others?
•Circular Dependency Check: Are there any circular dependencies in the class graph? These indicate architectural problems that must be resolved.
•Cardinality Verification: Are one-to-one, one-to-many, and many-to-many relationships correctly identified? Do multiplicities align with domain reality?

structural-integrity-example.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
// BEFORE: Poor Structural Integrity
class OrderProcessor {
    private database: DatabaseConnection;
    private emailService: EmailService;
    private paymentGateway: PaymentGateway;
    private inventorySystem: InventorySystem;
    private reportGenerator: ReportGenerator;
    
    // This class does too many things - violates Single Responsibility
    processOrder(order: Order): void {
        // Validates order
        // Processes payment
        // Updates inventory
        // Sends confirmation email
        // Generates sales report
        // All in one massive method
    }
}
 
// AFTER: Proper Structural Integrity
class OrderProcessor {
    constructor(
        private orderValidator: OrderValidator,
        private paymentProcessor: PaymentProcessor,
        private orderFulfillment: OrderFulfillment
    ) {}
    
    // Single, clear responsibility: orchestrating order processing
    async processOrder(order: Order): Promise<OrderResult> {
        const validationResult = await this.orderValidator.validate(order);
        if (!validationResult.isValid) {
            return OrderResult.validationFailed(validationResult.errors);
        }
        
        const paymentResult = await this.paymentProcessor.process(order);
        if (!paymentResult.isSuccessful) {
            return OrderResult.paymentFailed(paymentResult.error);
        }
        
        await this.orderFulfillment.fulfill(order, paymentResult.transactionId);
        return OrderResult.success(order.id);
    }
}
 
// Each class now has a single, focused responsibility
class OrderValidator {
    validate(order: Order): Promise<ValidationResult> { /* ... */ }
}
 
class PaymentProcessor {
    constructor(private paymentGateway: PaymentGateway) {}
    process(order: Order): Promise<PaymentResult> { /* ... */ }
}
 
class OrderFulfillment {
    constructor(
        private inventoryService: InventoryService,
        private notificationService: NotificationService
    ) {}
    fulfill(order: Order, transactionId: string): Promise<void> { /* ... */ }
}

The Smell Test

When reviewing structural integrity, apply the 'smell test': Does this structure feel right? Would you be comfortable explaining this design to a senior colleague? If you find yourself making excuses or qualifications, the structure likely needs improvement.

Dimension 3: Behavioral Correctness Checklist

A structurally sound design can still produce incorrect behavior. Behavioral correctness validates that the design will do the right thing in all scenarios, including edge cases and error conditions.

State Machine Validation:

State Behavior Checkpoints

•State Identification: Are all possible states of key entities identified? Are state transitions explicitly defined?
•Transition Completeness: For each state, are all valid transitions mapped? What events trigger each transition?
•Invalid State Prevention: What prevents entities from entering invalid states? Are invariants enforced at state boundaries?
•Concurrent State Access: How is concurrent access to shared state handled? Are race conditions possible during state transitions?
•State Persistence: Are state transitions durable? Can the system recover to a consistent state after failure?

Edge Case Analysis:

Common Edge Cases to Validate
Edge Case Category	Examples	Design Questions
Empty/Zero	Empty collections, zero quantities, null values	Does the design handle absence gracefully?
Boundary Values	Minimum values, maximum values, exactly at limits	Are boundary conditions explicitly tested in logic?
Concurrency	Simultaneous operations, race conditions	Are shared resources protected? Is ordering guaranteed where needed?
Failure/Timeout	Network failures, timeouts, resource exhaustion	Are failure paths designed? Do partial failures leave consistent state?
Security Edge Cases	Invalid inputs, injection attempts, authorization bypass	Is all input validated? Are security boundaries explicitly enforced?

Invariant Preservation Checkpoints

•Domain Invariants: What conditions must always be true for domain entities? How are these invariants enforced in the design?
•Cross-Entity Consistency: When multiple entities must be consistent with each other, how is this consistency maintained?
•Transaction Boundaries: Where are transaction boundaries in the design? Does each transaction leave the system in a consistent state?

Dimension 4: Operational Readiness Checklist

Designs that work perfectly in development can fail dramatically in production if operational concerns are neglected. Operational readiness ensures that the design can be deployed, monitored, and maintained by operations teams.

Deployment Readiness:

Deployment Checkpoints

•Configuration Externalization: Is all environment-specific configuration externalized? Can the same artifact run in dev, staging, and production?
•Dependency Documentation: Are all external dependencies documented with connection requirements, versions, and fallback options?
•Resource Requirements: Are CPU, memory, and storage requirements estimated? Are these requirements documented for capacity planning?
•Startup/Shutdown Behavior: What happens during initialization? Is there a graceful shutdown mechanism that completes in-flight operations?

Observability Design:

Observability Checkpoints

•Logging Strategy: What will be logged at each level (ERROR, WARN, INFO, DEBUG)? Are log messages structured for automated parsing?
•Metrics Identification: What metrics should be exposed? Are business metrics (orders/second) and technical metrics (latency p99) both covered?
•Health Checks: What does 'healthy' mean for this component? Are health check endpoints designed for load balancers and monitoring?
•Distributed Tracing: For multi-component flows, how will requests be traced? Is correlation ID propagation designed into interfaces?

The 3 AM Test

Imagine being called at 3 AM because this component is failing. Can you diagnose the problem from logs and metrics without access to code? If not, the operational design is incomplete. Every production system should be debuggable by an on-call engineer with only external observations.

Dimension 5: Evolution Capability Checklist

Software that cannot evolve is software that will be replaced. Evolution capability ensures that the design can accommodate anticipated changes without requiring fundamental restructuring.

Anticipated Change Analysis:

Change Readiness Checkpoints

•Change Scenario Documentation: What changes are anticipated over the next 6-18 months? Are these documented as design considerations?
•Impact Assessment: For each anticipated change, how many classes would need modification? Is the impact localized or widespread?
•Extension Points: Where are the explicit extension points in the design? Are these points well-documented and separated from core logic?
•Seam Identification: Where are the 'seams' in the design—places where behavior can be changed without modifying existing code?

Interface Stability:

API Stability Checkpoints

•Public Interface Minimization: Is the public interface as small as possible while remaining useful? Each public method is a commitment.
•Backward Compatibility Planning: How will interface changes be managed? Is versioning designed into public APIs?
•Contract Documentation: Are the contracts of public interfaces fully documented? Are preconditions, postconditions, and invariants specified?
•Dependency Direction: Do dependencies point toward stability? Are stable, abstract components depended upon, not concrete implementations?

The Two-Year Rule

If you cannot envision how this design would accommodate change requests two years from now, it probably lacks sufficient flexibility. While we cannot predict specific changes, well-designed systems have the vocabulary and structure to discuss and implement future requirements.

The Design Review Process

Having a checklist is necessary but not sufficient—you also need an effective process for applying it. The following process has been refined through thousands of design reviews across many organizations:

Phase 1: Self-Review (30-60 minutes)

Before involving others, conduct a systematic self-review using the checklist. This catches obvious issues and forces you to articulate your reasoning. Walk through each dimension methodically, documenting answers to each checkpoint. This preparation ensures external reviewers spend time on genuine design challenges, not obvious oversights.

Phase 2: Peer Review (45-90 minutes)

Present the design to one or more peers with relevant domain or technical expertise. The goal is not approval—it's improvement. Effective peer reviews follow these principles:

Peer Review Best Practices

•Separate Clarification from Critique: First ensure reviewers understand the design. Then invite challenges and alternatives.
•Invite 'What If' Questions: The best reviewers stress-test designs with scenarios: 'What if the payment fails mid-order?' 'What if we need to support a new payment provider?'
•Document All Issues: Every issue raised, even if resolved during discussion, should be documented for the design record.
•Rate Issues by Severity: Not all issues require resolution before proceeding. Distinguish blocking issues from future improvements.

Phase 3: Resolution and Documentation

After review, update the design to address blocking issues and document decisions about deferred issues. Create a design decision record (DDR) that captures:

The design decision made
Alternatives that were considered
Rationale for the chosen approach
Known limitations and accepted trade-offs

This documentation is invaluable when future developers ask 'Why was it done this way?' The answer is preserved, not lost with the original designer.

Page Complete

You now possess a comprehensive framework for design review, encompassing requirements alignment, structural integrity, behavioral correctness, operational readiness, and evolution capability. The next page focuses specifically on SOLID principle compliance—a critical subset of structural integrity that deserves deep examination.

1 / 4

Loading learning content...

System Design (LLD)Validating the Design

Validating the Design

LevelIntermediate

Duration60 mins

TopicValidating the Design

1 / 4

Design Review Checklist

The Critical Gap Between Design and Validation

What You Will Master

Why Design Review Matters

Before diving into the mechanics of design review, we must understand why this discipline is non-negotiable for professional software development.

The Cost Amplification Effect:

The Knowledge Crystallization Problem:

Cost of Defects by Discovery Phase
Discovery Phase	Relative Cost	Impact	Recovery Difficulty
Design Review	1x (baseline)	Easily corrected on paper	Trivial—redraw diagram
Implementation	10-25x	Code rewrite required	Moderate—localized changes
Unit Testing	25-50x	Cascading test failures	Significant—multiple components
Integration Testing	50-100x	Cross-component breakage	High—coordination required
Production	100-1000x	Customer impact, reputation	Extreme—emergency response

The Illusion of Speed

The Comprehensive Design Review Framework

The Five Dimensions of Design Validation:

Design Review Dimensions

•Requirements Alignment — Does the design fully address what we need to build? Are functional and non-functional requirements covered?
•Structural Integrity — Is the class and component structure sound? Are responsibilities clearly assigned? Is the architecture coherent?
•Behavioral Correctness — Will the design produce correct behavior? Are edge cases handled? Are invariants maintained?
•Operational Readiness — Can this design be deployed, monitored, and maintained? Are operational concerns addressed?
•Evolution Capability — Can this design adapt to anticipated changes? Is it extensible without major surgery?

The Checkpoint Mindset:

Dimension 1: Requirements Alignment Checklist

The most fundamental design failure is building the wrong thing. Requirements alignment ensures that before evaluating how well something is designed, we confirm that it addresses the actual problem.

Functional Requirements Coverage:

Functional Requirements Checkpoints

•Requirement Traceability: Can every functional requirement be traced to specific classes, methods, or components in the design? If a requirement cannot be located in the design, it will not be implemented.
•Use Case Walkthrough: Can you 'execute' each primary use case by walking through the design? For each user action, can you trace the flow through classes and methods to the expected outcome?
•Data Completeness: Are all required data entities represented? Do entities have the attributes necessary to support all operations?
•Interface Completeness: Do public interfaces expose all operations needed by external actors? Are input and output contracts clearly defined?
•Constraint Enforcement: Are business rules and constraints explicitly represented? Are validation points identified for each constraint?

Non-Functional Requirements Coverage:

Non-functional requirements (NFRs) are frequently neglected during design, then discovered as crises during load testing or production deployment. Proactive validation prevents these surprises:

Non-Functional Requirements Checkpoints

•Performance Feasibility: Are there any algorithmic bottlenecks (O(n²) or worse operations on potentially large collections)? Are hot paths identified and optimized?
•Scalability Design: How does the design behave as load increases? Are there shared resources that become contention points? Is horizontal scaling possible?
•Reliability Mechanisms: How are failures handled? Are there retry mechanisms, circuit breakers, or fallback behaviors for external dependencies?
•Security Integration: Where are authentication and authorization enforced? Are sensitive data flows identified and protected?
•Observability Hooks: Are logging, metrics, and tracing integrated into the design? Can operators understand system health from outside?

The Missing Requirement Anti-Pattern

Dimension 2: Structural Integrity Checklist

Structural integrity addresses the internal coherence of the design—whether classes and components are well-formed, properly organized, and correctly related to each other.

Class Design Quality:

Class Design Checkpoints

•Single Responsibility: Does each class have one clear purpose? Can you describe what the class does in one sentence without using 'and'?
•Cohesion Check: Do all methods and attributes of a class relate to its single purpose? Are there attributes or methods that seem out of place?
•Naming Clarity: Do class names accurately describe their role? Would a new team member understand the purpose from the name alone?
•Abstraction Level Consistency: Is each class at a consistent level of abstraction? Does it mix high-level business logic with low-level technical details?
•State Management: Is class state minimal and necessary? Are there opportunities to make classes immutable or reduce mutable state?

Relationship Validation:

Relationship Checkpoints

•Inheritance Correctness: Does inheritance represent true 'is-a' relationships? Could any inheritance be replaced with composition for greater flexibility?
•Composition Appropriateness: Do 'has-a' relationships correctly model ownership and lifecycle? Are dependencies clearly expressed?
•Coupling Assessment: Are dependencies between classes minimized and well-justified? Can you modify one class without cascading changes to others?
•Circular Dependency Check: Are there any circular dependencies in the class graph? These indicate architectural problems that must be resolved.
•Cardinality Verification: Are one-to-one, one-to-many, and many-to-many relationships correctly identified? Do multiplicities align with domain reality?

structural-integrity-example.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
// BEFORE: Poor Structural Integrity
class OrderProcessor {
    private database: DatabaseConnection;
    private emailService: EmailService;
    private paymentGateway: PaymentGateway;
    private inventorySystem: InventorySystem;
    private reportGenerator: ReportGenerator;
    
    // This class does too many things - violates Single Responsibility
    processOrder(order: Order): void {
        // Validates order
        // Processes payment
        // Updates inventory
        // Sends confirmation email
        // Generates sales report
        // All in one massive method
    }
}
 
// AFTER: Proper Structural Integrity
class OrderProcessor {
    constructor(
        private orderValidator: OrderValidator,
        private paymentProcessor: PaymentProcessor,
        private orderFulfillment: OrderFulfillment
    ) {}
    
    // Single, clear responsibility: orchestrating order processing
    async processOrder(order: Order): Promise<OrderResult> {
        const validationResult = await this.orderValidator.validate(order);
        if (!validationResult.isValid) {
            return OrderResult.validationFailed(validationResult.errors);
        }
        
        const paymentResult = await this.paymentProcessor.process(order);
        if (!paymentResult.isSuccessful) {
            return OrderResult.paymentFailed(paymentResult.error);
        }
        
        await this.orderFulfillment.fulfill(order, paymentResult.transactionId);
        return OrderResult.success(order.id);
    }
}
 
// Each class now has a single, focused responsibility
class OrderValidator {
    validate(order: Order): Promise<ValidationResult> { /* ... */ }
}
 
class PaymentProcessor {
    constructor(private paymentGateway: PaymentGateway) {}
    process(order: Order): Promise<PaymentResult> { /* ... */ }
}
 
class OrderFulfillment {
    constructor(
        private inventoryService: InventoryService,
        private notificationService: NotificationService
    ) {}
    fulfill(order: Order, transactionId: string): Promise<void> { /* ... */ }
}

The Smell Test

Dimension 3: Behavioral Correctness Checklist

A structurally sound design can still produce incorrect behavior. Behavioral correctness validates that the design will do the right thing in all scenarios, including edge cases and error conditions.

State Machine Validation:

State Behavior Checkpoints

•State Identification: Are all possible states of key entities identified? Are state transitions explicitly defined?
•Transition Completeness: For each state, are all valid transitions mapped? What events trigger each transition?
•Invalid State Prevention: What prevents entities from entering invalid states? Are invariants enforced at state boundaries?
•Concurrent State Access: How is concurrent access to shared state handled? Are race conditions possible during state transitions?
•State Persistence: Are state transitions durable? Can the system recover to a consistent state after failure?

Edge Case Analysis:

Common Edge Cases to Validate
Edge Case Category	Examples	Design Questions
Empty/Zero	Empty collections, zero quantities, null values	Does the design handle absence gracefully?
Boundary Values	Minimum values, maximum values, exactly at limits	Are boundary conditions explicitly tested in logic?
Concurrency	Simultaneous operations, race conditions	Are shared resources protected? Is ordering guaranteed where needed?
Failure/Timeout	Network failures, timeouts, resource exhaustion	Are failure paths designed? Do partial failures leave consistent state?
Security Edge Cases	Invalid inputs, injection attempts, authorization bypass	Is all input validated? Are security boundaries explicitly enforced?

Invariant Preservation Checkpoints

•Domain Invariants: What conditions must always be true for domain entities? How are these invariants enforced in the design?
•Cross-Entity Consistency: When multiple entities must be consistent with each other, how is this consistency maintained?
•Transaction Boundaries: Where are transaction boundaries in the design? Does each transaction leave the system in a consistent state?

Dimension 4: Operational Readiness Checklist

Deployment Readiness:

Deployment Checkpoints

•Configuration Externalization: Is all environment-specific configuration externalized? Can the same artifact run in dev, staging, and production?
•Dependency Documentation: Are all external dependencies documented with connection requirements, versions, and fallback options?
•Resource Requirements: Are CPU, memory, and storage requirements estimated? Are these requirements documented for capacity planning?
•Startup/Shutdown Behavior: What happens during initialization? Is there a graceful shutdown mechanism that completes in-flight operations?

Observability Design:

Observability Checkpoints

•Logging Strategy: What will be logged at each level (ERROR, WARN, INFO, DEBUG)? Are log messages structured for automated parsing?
•Metrics Identification: What metrics should be exposed? Are business metrics (orders/second) and technical metrics (latency p99) both covered?
•Health Checks: What does 'healthy' mean for this component? Are health check endpoints designed for load balancers and monitoring?
•Distributed Tracing: For multi-component flows, how will requests be traced? Is correlation ID propagation designed into interfaces?

The 3 AM Test

Dimension 5: Evolution Capability Checklist

Software that cannot evolve is software that will be replaced. Evolution capability ensures that the design can accommodate anticipated changes without requiring fundamental restructuring.

Anticipated Change Analysis:

Change Readiness Checkpoints

•Change Scenario Documentation: What changes are anticipated over the next 6-18 months? Are these documented as design considerations?
•Impact Assessment: For each anticipated change, how many classes would need modification? Is the impact localized or widespread?
•Extension Points: Where are the explicit extension points in the design? Are these points well-documented and separated from core logic?
•Seam Identification: Where are the 'seams' in the design—places where behavior can be changed without modifying existing code?

Interface Stability:

API Stability Checkpoints

•Public Interface Minimization: Is the public interface as small as possible while remaining useful? Each public method is a commitment.
•Backward Compatibility Planning: How will interface changes be managed? Is versioning designed into public APIs?
•Contract Documentation: Are the contracts of public interfaces fully documented? Are preconditions, postconditions, and invariants specified?
•Dependency Direction: Do dependencies point toward stability? Are stable, abstract components depended upon, not concrete implementations?

The Two-Year Rule

The Design Review Process

Phase 1: Self-Review (30-60 minutes)

Phase 2: Peer Review (45-90 minutes)

Present the design to one or more peers with relevant domain or technical expertise. The goal is not approval—it's improvement. Effective peer reviews follow these principles:

Peer Review Best Practices

•Separate Clarification from Critique: First ensure reviewers understand the design. Then invite challenges and alternatives.
•Invite 'What If' Questions: The best reviewers stress-test designs with scenarios: 'What if the payment fails mid-order?' 'What if we need to support a new payment provider?'
•Document All Issues: Every issue raised, even if resolved during discussion, should be documented for the design record.
•Rate Issues by Severity: Not all issues require resolution before proceeding. Distinguish blocking issues from future improvements.

Phase 3: Resolution and Documentation

After review, update the design to address blocking issues and document decisions about deferred issues. Create a design decision record (DDR) that captures:

The design decision made
Alternatives that were considered
Rationale for the chosen approach
Known limitations and accepted trade-offs

This documentation is invaluable when future developers ask 'Why was it done this way?' The answer is preserved, not lost with the original designer.

Page Complete

1 / 4