[SystemSafety] "Ripple20 vulnerabilities will haunt the IoT landscape for years to come"

Peter Bernard Ladkin ladkin at causalis.com
Wed Jul 1 17:27:41 CEST 2020



On 2020-07-01 17:17 , Olwen Morgan wrote:
> 
> On 01/07/2020 16:11, Peter Bernard Ladkin wrote:
>> <snip>
>>
>> ... If you are programming, it may be that you can avoid unit tests in favor of verification, ...
> 
> <snip>
> 
> 
> ABSOLUTELY NOT!

Absolutely so.

If the programmer had been using CbyC methods/tools such as in SPARK Pro appropriately, then the
program does indeed do what the specification says (modulo discharging proof obligations), which is
the point of unit testing the various components. Thereby unit testing can be avoided if you use CbyC.

Your example dialogue ensues when the spec is wrong. That is not what unit-testing modules is for.
The dialogue would also not occur. The programmer would not contradict the tester; she would say "I
am the wrong person to talk to about this; go talk to so-and-so along the corridor who developed the
spec".

PBL

Prof. Peter Bernard Ladkin, Bielefeld, Germany
Styelfy Bleibgsnd
Tel+msg +49 (0)521 880 7319  www.rvs-bi.de




