[SystemSafety] A small taste of what we're up against

Derek M Jones derek at knosof.co.uk
Thu Oct 25 14:24:35 CEST 2018


Michael,

> The software for these projects is invariably written in C or (less
> commonly) C++.

This discussion around language is a complete red herring.

It is a cultural issue.

The culture of C/C++ does not frown on people who build their code
without bounds checking.

The culture of Ada frowns on people who do not build their code with
bounds checking.

One of the first languages I used (Pascal) had a culture of bounds
checking.  I learned to appreciate its benefits.

Moving to C I used tools that provided bounds checking.  People
thought I was very odd and obviously not a 'C' person.

I have experience of people positively avoiding the bounds checking 
available in Pascal and Ada.  I thought these people were very odd
and obviously not 'Pascal' or 'Ada' people.

The culture will not change until the bodies start piling up.

> Can anyone give me a real-world example of an injury or death that can be
> directly linked to the use of C or C++ in an automotive system?
> 
> I don't believe that such an example exists.
> 
> Without clear evidence of a problem, I think we could be accused of
> scaremongering.

It is not scaremongering, it's a culture clash by those whose language
culture is different.

-- 
Derek M. Jones           Software analysis
tel: +44 (0)1252 520667  blog:shape-of-code.coding-guidelines.com
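An added illustration, not part of Derek's message or anything from the list, of the two idioms the message contrasts: the ordinary unchecked C array store, and a store that performs the index check Ada does implicitly on every access (Ada raises Constraint_Error; C has no exception, so the checked helper returns -1 and the write simply does not happen). The helper names, the 8-element buffer and the counts are constructed for this example.

```c
/* Added example: unchecked vs. bounds-checked array stores in C.
   Helper names, BUF_LEN and the write counts are constructed here. */
#include <stddef.h>
#include <stdio.h>

#define BUF_LEN 8

/* Unchecked store: the ordinary C idiom. If idx >= the array length the
   write lands outside the array and the language defines nothing about
   what happens; the program usually carries on with corrupted memory.
   Only ever called with an in-range index in this example. */
static void unchecked_store(int *buf, size_t idx, int val)
{
    buf[idx] = val;
}

/* Checked store: the C equivalent of Ada's implicit index check.
   Returns 0 on success, -1 if idx is past the end of buf; the
   out-of-range write is refused rather than performed. */
int checked_store(int *buf, size_t len, size_t idx, int val)
{
    if (idx >= len) {
        return -1;  /* reject: idx is outside [0, len) */
    }
    buf[idx] = val;
    return 0;
}

/* Attempt `count` sequential writes into an 8-element buffer through the
   checked store. Returns how many writes were refused, i.e. how many
   silent out-of-bounds writes the unchecked idiom would have done. */
size_t count_rejected_writes(size_t count)
{
    int buf[BUF_LEN] = {0};
    size_t rejected = 0;
    for (size_t i = 0; i < count; i++) {
        if (checked_store(buf, BUF_LEN, i, (int)i) != 0) {
            rejected++;
        }
    }
    return rejected;
}

/* The unchecked path on an in-range index, so both idioms can be seen
   behaving identically when the index is valid. */
int unchecked_in_range(void)
{
    int buf[BUF_LEN] = {0};
    unchecked_store(buf, BUF_LEN - 1, 42);
    return buf[BUF_LEN - 1];
}

int main(void)
{
    printf("writes refused when storing 10 values into 8 slots: %zu\n",
           count_rejected_writes(10));
    printf("writes refused when storing 8 values into 8 slots:  %zu\n",
           count_rejected_writes(8));
    printf("unchecked store, in range, reads back: %d\n",
           unchecked_in_range());
    return 0;
}
```

The check is one comparison per store, which is the whole cost of the "Ada culture" the message describes; the C toolchain can also add the same check itself, for instance GCC and Clang's `-fsanitize=bounds` (UBSan) instruments constant-size array indexing, and `-fsanitize=address` catches the out-of-bounds write at run time, so the "tools that provided bounds checking" the message mentions are a compiler flag away today.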
