Re: [SystemSafety] OpenSSL Bug

From: Peter Bernard Ladkin < >
Date: Wed, 16 Apr 2014 07:27:58 +0200

On 15 Apr 2014, at 23:57, Heath Raftery <hraftery_at_xxxxxx
> For all the talk of the suitability of strongly-typed languages (ref, for example, IEC 61508 Part 3 and its strong stance), why do we not see a significant difference between C and Pascal? Could it be that contributing factors of programming style, time allocated, competence, interfaces to existing code, mindset, priorities, etc., etc., are much stronger factors than the strongly-typedness of the language, or indeed, the language at all?

Since it is possible statically to analyse C programs to check their conformity with data-type safety, then in the absence of any information whether that was done, and how thoroughly, one can draw no general conclusions about strongly typed languages from this info without knowing exactly what techniques were applied to analyse the various pieces of code and how thoroughly these techniques were applied. As Dewi pointed out the "cultural differences" between suppliers were not controlled for.

This is no criticism of Dewi's immense contribution, by the way. I doubt that the team were provided with this information from the SW providers. It wasn't part of the purpose of the project as I understand it.

PBL Prof. Peter Bernard Ladkin, University of Bielefeld and Causalis Limited



The System Safety Mailing List
systemsafety_at_xxxxxx Received on Wed Apr 16 2014 - 07:28:07 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:06 CEST