>> Every module is indepently tested and proven to work as designed. Most
>> of the problems I run into are related to bad data.
>
>you mean, as in, the module did not defend against (check for) bad data ?
>is data validation specified as part of your module specifications ?
>or do you just rely on field validation at input time ?

In general yes. IMV, the module shouldn't have to check against invalid data. The reason for this is simple: functional cohesion. Adding validation at this point would result in the module being less cohesive. Therefore, validation should be the work of some other module.

Note, that in some instances, it's entirely impossible to check for valid data. Example: A user is entering production. They enter 123. It's perfectly possible for this value to be valid and it's also possible that it could be invalid (did they mean to type 213? 312? etc.)