[SystemSafety] "Ripple20 vulnerabilities will haunt the IoT landscape for years to come"

Olwen Morgan olwen at phaedsys.com
Fri Jun 26 21:35:31 CEST 2020


On 26/06/2020 19:36, paul_e.bennett at topmail.co.uk wrote:
>> A lot of software source code I have seen from others would immediately fall
>> into the rejected category. Mainly through lack of included documentation,
>> very high MCC scores and lack of a clear enough interface.

Arghhh ... another perennial hobby-horse of mine!

Why do so few software engineers never even think of using test metrics 
to help them *minimise* the number of test cases they require?

I usually try to design my own code so that every set of test cases that 
attains 100% boundary value coverage also attains 100% simple path 
coverage. It means that you have only the number of simple paths you 
need to make the relevant logical distinctions among the input 
conditions (easy to achieve in functional languages and, alas, easier 
still to fail to achieve in imperative languages).

But when I suggest this to other software "engineers", they usually ask 
me what "boundary value coverage" and "simple path" mean. ...


... and they wonder why I fantasise about their suffering long and 
excruciating deaths ... ?


Brooding in dark, technostalinist hyperbole,

Olwen









More information about the systemsafety mailing list