[SystemSafety] OpenSSL Bug

Peter Bernard Ladkin ladkin at rvs.uni-bielefeld.de
Wed Apr 16 07:27:58 CEST 2014


On 15 Apr 2014, at 23:57, Heath Raftery <hraftery at restech.net.au> wrote:
> For all the talk of the suitability of strongly-typed languages (ref, for example, IEC 61508 Part 3 and its strong stance), why do we not see a significant difference between C and Pascal? Could it be that contributing factors of programming style, time allocated, competence, interfaces to existing code, mindset, priorities, etc., etc., are much stronger factors than the strongly-typedness of the language, or indeed, the language at all?

Since it is possible statically to analyse C programs to check their conformity with data-type safety, then in the absence of any information whether that was done, and how thoroughly, one can draw no general conclusions about strongly typed languages from this info without knowing exactly what techniques were applied to analyse the various pieces of code and how thoroughly these techniques were applied. As Dewi pointed out, the "cultural differences" between suppliers were not controlled for.

This is no criticism of Dewi's immense contribution, by the way. I doubt that the team were provided with this information from the SW providers. It wasn't part of the purpose of the project as I understand it.

PBL

Prof. Peter Bernard Ladkin, University of Bielefeld and Causalis Limited

