Re: Limitations of code quality to ensure safety of modern software
Aggrwal, Poonam
[AMD Official Use Only - General]
Hi,
I jumped in because I found the topic interesting.
The shortcomings of C in comparison to other type-safe languages like Java and Rust are being highlighted in the security context too.
I am not sure, though, that today's automobiles' SW stacks (AutoSAR, Adaptive AutoSAR) use them. They would be pretty much written in C.
Regards,
Poonam

From: devel@... <devel@...> On Behalf Of Brink, Peter via lists.elisa.tech
Sent: Tuesday, June 21, 2022 7:30 PM
To: Elana Copperman <Elana.Copperman@...>; devel@...
Subject: Re: [ELISA Technical Community] Limitations of code quality to ensure safety of modern software
Hi Elana,
Not sure why you directed this to me. I have always advocated for product and process quality, of which code quality is just one aspect. The safety of a product, as you say at the end, might be compromised by the design, which is why I have been advocating for the quality and safety aspects mentioned above.
Pete
From: Elana Copperman <Elana.Copperman@...>
Hi Pete,

See http://www.underhanded-c.org/_page_id_2.html

I don't know if this contest is still being supported. But as you can see, it highlights the limitations of C as a programming language. So ensuring "quality" of any C-based safety-critical system is not easy, even before we get to the limitations of Linux and open source. Unfortunately, throughout my career I have seen plenty of code examples which, although not malicious in the sense of this contest, comply with accepted development/coding/test processes – but are inherently unsafe, sometimes by design.

Regards,
Elana
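Added example, not code from the thread or from the ELISA project: a small C program illustrating the kind of code both Elana's point (code that complies with review and coding processes yet is unsafe) and Poonam's type-safety remark refer to. A length check that reads as compliant lets a negative length through because of C's implicit signed-to-unsigned conversion; a hardened version next to it rejects the value before any conversion. The buffer size, function names and sample lengths are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: fixed-size destination buffer. */
#define BUF_SIZE 64

/*
 * Lenient bounds check. It compiles cleanly, is easy to review and appears to
 * honour the buffer limit, yet a negative 'len' satisfies the comparison. If
 * the caller later hands that value to memcpy it is converted to size_t and
 * becomes a very large count. C's implicit signed/unsigned conversion does not
 * flag this; a type-safe language would reject or bounds-check it at runtime.
 */
bool lenient_length_ok(int len)
{
    return len <= BUF_SIZE;
}

/*
 * Hardened bounds check: reject negative values before any conversion, then
 * compare in the unsigned domain against the real buffer size.
 */
bool strict_length_ok(int len)
{
    if (len < 0)
        return false;
    return (size_t)len <= BUF_SIZE;
}

/*
 * Copy 'len' bytes into a BUF_SIZE-byte destination only when the length has
 * passed the strict check. Returns the number of bytes copied, or -1 when the
 * request is rejected; nothing is written in the rejected case.
 */
int copy_checked(unsigned char *dst, const unsigned char *src, int len)
{
    if (!strict_length_ok(len))
        return -1;
    memcpy(dst, src, (size_t)len);
    return len;
}

/*
 * Drive copy_checked() with internal buffers so the result can be inspected
 * without the caller managing storage; returns copy_checked()'s result.
 */
int demo_copy(int len)
{
    static unsigned char src[BUF_SIZE];
    static unsigned char dst[BUF_SIZE];
    memset(src, 'A', sizeof src);
    memset(dst, 0, sizeof dst);
    return copy_checked(dst, src, len);
}

int main(void)
{
    /* Constructed sample lengths: in range, at the limit, over, and negative. */
    int samples[] = { 16, BUF_SIZE, BUF_SIZE + 1, -1 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int len = samples[i];
        printf("len=%4d lenient=%-6s strict=%-6s copied=%d\n", len,
               lenient_length_ok(len) ? "pass" : "reject",
               strict_length_ok(len) ? "pass" : "reject",
               demo_copy(len));
    }
    return 0;
}
```

The lenient check is the interesting case for a reviewer: it passes a coding-standard style review (a bound is compared, no magic numbers, warning-free build in common configurations) and still admits a value that becomes a huge unsigned count one call later. Enabling `-Wsign-compare`/`-Wconversion` and using an unsigned or `size_t` length parameter at the interface removes the class of defect rather than catching one instance of it.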