Re: [SystemSafety] OpenSSL Bug

From: Dewi Daniels < >
Date: Thu, 10 Apr 2014 22:21:12 +0100

Derek M. Jones wrote:

> Why pick on C?

Because OpenSSL was written in C?

> Incidentally there is almost no empirical evidence for the benefits of
using a language having stronger typing. There are a few studies using students on really small problems.
> Pointers to good studies welcome.

How about Andy German's paper on "Software Static Code Analysis Lessons Learned"? man.pdf

"Table 1 shows that the poorest language for safety-critical applications is C with consistently high anomaly rates. The best language found is SPARK (Ada), which consistently achieves one anomaly per 250 software lines of code".


Dewi Daniels | Managing Director | Verocel Limited Direct Dial +44 1225 718912 | Mobile +44 7968 837742 | Email ddaniels_at_xxxxxx  

Verocel Limited is a company registered in England and Wales. Company number: 7407595. Registered office: Grangeside Business Support Centre, 129 Devizes Road, Hilperton, Trowbridge, United Kingdom BA14 7SZ

The System Safety Mailing List
systemsafety_at_xxxxxx Received on Thu Apr 10 2014 - 23:23:18 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:06 CEST