Origin
Georg Cantor, 1874. Formalized by Zermelo-Fraenkel, 1908–1922.
The Principle
Set theory defines collections of objects and the rules for membership. An element either belongs to a set or it does not. The boundary is absolute. There is no "sort of in the set."
In software, every variable has an expected set of values. Every input field has valid members. Every type system is a set of constraints. Every database column has a domain. Every API contract defines the universe of acceptable payloads.
When software fails to enforce set boundaries — when it accepts an element that doesn't belong — the result ranges from corruption to catastrophe. The entire history of injection attacks, buffer overflows, and type confusion vulnerabilities is the history of set membership violations.
Why This Is Bedrock
Every exhibit above us in this museum is, at some level, a failure to answer one question: does this value belong to the set of values I expect?
This pattern has been found in applications built by talented developers at respected organizations across every decade of software history. Its presence in a codebase is not a reflection of the developer who wrote it — it is a reflection of what that developer was taught, what tools they had, and the path that was easiest given what they were taught. The goal is not to find fault. The goal is to find the pattern — before it finds you.
Katie's Law: The developers were not wrong. The shortcut was not wrong. The context changed and the shortcut didn't.