Chesterton’s Fence - Managing and Supporting Complex Digital Products (and Australian Ecology)

This maxim is especially relevant in the world of complex software and product development. It’s tempting to “clean up” code, remove old logic, or upgrade packages—but unless you understand the original purpose, you risk unintended consequences.

A lead engineer recently shared the idea of Chesterton’s Fence with me whilst doing a handover of an established application that his team had built.

We were bringing the application in-house that his team had built for my client. The end users loved the product, it worked well and was deeply integrated and part of their key business process.

The application has been developed over a number of years on a combination of fixed price agreements and negotiated take-or-pay enhancement and support arrangements.

As a result not a lot of time and investment had been put into the technical hardening of the application. It is now the job of the in-house team I am supporting to bring this up to scratch , whilst also continuing to  innovate and develop this key application.

In my experience as a software engineer and delivery lead the warning around Chesterton’s Fence resonated and was particularly applicable given the context.

Common Pitfalls

🐰Upgrading packages or versions without fully understanding dependencies.

🐸 Removing validation or business logic without considering downstream impacts.

🏭 Fixing bugs by changing implementation details that have hidden side effects.

I’ve lost count of the number of times I have fixed bugs or added in functionality that has gone on to break something else. The cost of this can be large as it often takes a while to notice any new issues and then extra time to debug, context switch, diagnose and fix.

Upgrading packages can be important, especially if there are security vulnerabilities, but this does come at a cost. Any application will need to be re-built and tested. The cost of not doing this can be massive if it results in security issues and data breach.

IBM reported the average cost of remediating a data breach as $4.88 million dollars USD (7.5 million AUD). Large data breaches can cost a lot more. Like the estimated $140 million AUD for Optus and $126 million for Medicare.

So, don’t neglect updating your projects and looking after your security—do so at your peril!

How to Avoid These Mistakes

✨ Document your designs and reasoning. Inline comments, wikis, and architecture docs help others understand the “why.” Leave comments and warnings for future maintainers. Encourage “good citizen” development.

✨ Write LOTS of tests for tricky scenarios so refactoring doesn’t break things unexpectedly. Full code coverage isn’t the goal. Instead focus on the complex scenarios, business logic and integration points.

✨ Design applications using Secure by Design standards. Hire experts to build and maintain your applications. Provide enough budget and time so this can be done right for all applications that are not just throw away proof of concepts.

Another area I am curious about is keeping decision logs. Such as ARTs (Architectural Design Records) that record decisions in files committed into version control systems (i.e Github/Gitlab), which sounds ideal. This would then be a place of reference to record trade-offs and key choices for future reference. A plus having in your repo is that it would also be readily available for any gen AI powered coding assists you might use and grant access.

Importantly any experts you hire should be aware of things like OWASP security capability framework and the Twelve Factor App methodology.

Australian Inspired Version of Chesterton’s Fence

My drawing of Chesterton’s fence was inspired by the Australia inspired ecology of this great country that I now call my home.

In Australia we have a big problem with introduced pests. Including rabbits, which have caused massive amounts of destruction.  As a result, Australia has built the largest fence in the world, The Rabbit Proof fence.  Artificially biologically created viruses being used as a way to contain the rabbits. The cost of this biological disaster is estimated to be between $200 million AUD and $1 billion annually.

We also have another massive problem with Cane Toads, who were introduced to eat the larvae of native beetles and protect sugar cane crops and have become a far bigger problem and are slowly spreading around the whole of this ginormous country. 

The cane toads are poisonous to our native animals although there are some resourceful species, such as; magpies, which have been documented flipping them on their backs and eating their soft underbellies, and native water rats, which have been found making careful incisions and eating the toads’ non-toxic heart and liver.

Australia is also home to the largest population of wild camels since they were introduced in the early days of gold mining and railroad building.  These large caravans (the collective noun) of camels eat the native food and drink huge amounts of water, leading to dehydration of native and farmed animals. So when the populations get too large Australian farms sometimes cull them via helicopter or via modified off-road vehicles.  Sadly I forgot to include a camel in my sketch.

In many ways the oceans around Australia have been our fence protecting native species and the people for thousands of years. We have introduced animals, plants or cultures without truly understanding their impact.

Below is a Gen AI version of my drawing. I prefer my hand-drawn version. I hope you do too and that you enjoyed this article. If you did please leave a comment.

If you need help with your digital product development and you are in a similar time zone then get in touch!