The 4 Eyes Principle

(Part of my collection of Universal Principles of Software System Design)

The four eyes principle ensures that an action can only be performed when it is approved by two individuals (seen by two pairs of eyes).

The four eyes principles in general is invented to prevent errors and abuse.

The principle can help in the construction of software systems to find weaknesses in architecture, design or code and can help to improve the quality. In every phase of the software development cycle, this principle can be applied, from the requirements analysis phase to the detailed coding phase.

Software architecture, design and code could be co-developed by two person or peer-reviewed.

In the design of software systems, the four eyes principle applies to the process of validating design decisions on various levels.

Pair programming is a software development technique in which two programmers work together on code, one usually doing the coding and the other doing the validation. In other industries such as the air transport dual or duplicate inspection is a common practice in the construction of systems.

In regulated environments such as Financial Institutions, compliance requirements may dictate that code is always peer-reviewed to prevent back doors in code.

In many business solution supported by software systems, the four eyes principle is implemented when supporting business processes requiring this for security or quality validation reasons. Very similar to the software process itself.

The four eyes principle it is a common approach in change management. When code changes are moved into production, a formal change board may require a signed off peer review. Change and Configuration Management tools for software systems often support a four eyes principle process for bringing changes to production.

Further assurance can be added by adding a (random) rotation scheme of authorized individuals to serve as the second pair of eyes. This may provide additional assurance as it will not be known beforehand which two individuals will be dealing with a given decision.

Related / similar: Dual Inspection, Code Review.

Leave a Reply

Close Menu