[SystemSafety] "Ripple20 vulnerabilities will haunt the IoT landscape for years to come"
Martyn Thomas
martyn at 72f.org
Fri Jun 26 22:46:22 CEST 2020
I like to ask “what do you know after your software has passed your tests that you didn’t know before - other than that it passes these specific tests run in this specific order today? And if there is anything, how do you know that?”
I have never received an answer that addresses the question..
Regards
Martyn
> On 26 Jun 2020, at 20:35, Olwen Morgan <olwen at phaedsys.com> wrote:
>
>
> On 26/06/2020 19:36, paul_e.bennett at topmail.co.uk wrote:
>>> A lot of software source code I have seen from others would immediately fall
>>> into the rejected category. Mainly through lack of included documentation,
>>> very high MCC scores and lack of a clear enough interface.
>
> Arghhh ... another perennial hobby-horse of mine!
>
> Why do so few software engineers never even think of using test metrics to help them *minimise* the number of test cases they require?
>
> I usually try to design my own code so that every set of test cases that attains 100% boundary value coverage also attains 100% simple path coverage. It means that you have only the number of simple paths you need to make the relevant logical distinctions among the input conditions (easy to achieve in functional languages and, alas, easier still to fail to achieve in imperative languages).
>
> But when I suggest this to other software "engineers", they usually ask me what "boundary value coverage" and "simple path" mean. ...
>
>
> ... and they wonder why I fantasise about their suffering long and excruciating deaths ... ?
>
>
> Brooding in dark, technostalinist hyperbole,
>
> Olwen
>
>
>
>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety
More information about the systemsafety
mailing list