Re: [SystemSafety] OpenSSL Bug

From: Stachour, Paul D BIS < >
Date: Mon, 14 Apr 2014 13:25:47 +0000


On Thursday, April 10, 2014 2:06 PM, Derek M Jones sent a message to systemsafety_at_xxxxxx with the subject: Re: [SystemSafety] OpenSSL Bug

In that message, Derek wrote:
>>> Incidentally there is almost no empirical evidence for the benefits of using a language having stronger typing. There are a few studies using students on really small problems. Pointers to good studies welcome.

Derek & all,
  While I do not claim that my personal actions are a controlled study, I do have the experience of converting a number of "modules" written in a number of languages (mostly C, but some PL/I, some FORTRAN, some LISP, ...) to Ada. This comprised perhaps around 20 such "modules". Some of these actions were done as part of a defined project where code was moved from another language to Ada, some of them out of my own curiosity. Unfortunately, I did not keep records of what I converted, when I did it, or exactly what issues I found.

   However, I do have one observation of significance:

In EVERY CASE, I found AT LEAST ONE BUG when I converted the code from whatever it had been to strongly typed Ada.

The one I remember best is when I converted the "pronounceable-password-generator" from Multics PL/I to C for use on a project that needed to have a pronounceable semi-random password generation facility. On a lark, I also converted it to Ada at the same time. I found an out-of-range subscript that could have resulted in a memory fault under certain rare circumstances depending upon how the compiler chose to lay out the memory use. And I found the bug in the Ada code on the first test that I ran using the Ada code.

Regards, ..Paul S.

Paul D. Stachour
Software Quality Assurance
Detector Electronics Corporation
A UTC Fire & Security Company
6901 West 110th Street, Bloomington, MN 55438 USA 952-941-5665, x8409
Paul.Stachour_at_xxxxxx
www.det-tronics.com  

Learning from accidents is de rigueur but learning through accidents is an unacceptable development method for critical systems. Les Chambers.
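As an added illustration of the point Paul makes above (this is constructed example code, not the Multics generator or anything from the post): a tiny syllable-table lookup in C with the kind of latent off-by-one subscript the message describes, beside a checked accessor that does what an Ada constrained subtype does for free. The table contents, function names and the scaling formula are all assumptions.

```c
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed syllable table; any realistic generator has a larger one. */
static const char *const SYLLABLES[] = {
    "ba", "ko", "mi", "tu", "re", "lo", "sa", "ne"
};
#define SYLLABLE_COUNT (sizeof SYLLABLES / sizeof SYLLABLES[0])

/* C-style lookup with no range check. An index equal to SYLLABLE_COUNT reads
 * one slot past the table; whether that faults or silently yields garbage
 * depends on what the compiler placed after the array, i.e. the "rare
 * circumstances depending on layout" described in the post. Shown for
 * contrast only; nothing below calls it. */
static const char *syllable_unchecked(size_t idx) {
    return SYLLABLES[idx];
}

/* Checked lookup, emulating an Ada subtype
 *   type Syllable_Index is range 0 .. SYLLABLE_COUNT - 1;
 * where an out-of-range value raises Constraint_Error on first use.
 * In C we have to write the check by hand and signal failure with NULL. */
static const char *syllable_checked(size_t idx) {
    if (idx >= SYLLABLE_COUNT)
        return NULL;
    return SYLLABLES[idx];
}

/* Scales a random byte onto the table. Dividing by 255 instead of 256 is the
 * latent bug: only the input 255 produces SYLLABLE_COUNT, so ordinary tests
 * pass and the overrun waits for an unlucky random byte. */
static size_t index_from_byte(uint8_t r) {
    return (size_t)r * SYLLABLE_COUNT / 255;
}

/* Builds a password of n syllables from caller-supplied random bytes.
 * Returns 0 on success, -1 if an index left the table or out is too small. */
int build_password(const uint8_t *rnd, size_t n, char *out, size_t outlen) {
    out[0] = '\0';
    for (size_t i = 0; i < n; i++) {
        const char *s = syllable_checked(index_from_byte(rnd[i]));
        if (s == NULL || strlen(out) + strlen(s) + 1 > outlen)
            return -1;
        strcat(out, s);
    }
    return 0;
}
```

With the checked accessor the bad byte surfaces as a clean error on the first run that happens to draw 255, which is the "found it on the first test" experience Ada gave the author; the unchecked variant leaves the fault to chance.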



The System Safety Mailing List
systemsafety_at_xxxxxx
Received on Mon Apr 14 2014 - 15:26:18 CEST
