Re: Limitations of code quality to ensure safety of modern software
I jumped in because I found the topic interesting.
The shortcomings of C in comparison to other type-safe languages like Java and Rust are being highlighted in the security context too.
Although, I am not sure that today's automobiles' SW stacks (AUTOSAR, Adaptive AUTOSAR) use them. They would be pretty much written in C.
From: devel@... <devel@...> On Behalf Of Brink, Peter via lists.elisa.tech
Sent: Tuesday, June 21, 2022 7:30 PM
To: Elana Copperman <Elana.Copperman@...>; devel@...
Subject: Re: [ELISA Technical Community] Limitations of code quality to ensure safety of modern software
Not sure why you directed this to me. I have always advocated for product and process quality, of which code quality is just one aspect. The safety of a product, as you say at the end might be compromised by the design, which is why I have been advocating for the quality and safety aspects mentioned above.
From: Elana Copperman <Elana.Copperman@...>
I don't know if this contest is still being supported. But as you can see, it highlights the limitations of C as a programming language.
So that ensuring "quality" of any C-based safety critical system is not easy, even before we get to the limitations of Linux and open source.
Unfortunately throughout my career I have seen plenty of code examples which, although not malicious in the sense of this contest, comply with accepted development/coding/test processes – but are inherently unsafe, sometimes by design.