Short note on static analysis and lobbying
2011-09-09 18:37:00
Author: addxorrol.blogspot.com (view original)
Comments on ADD / XOR / ROL: Short note on static analysis and lobbying (blog by halvar.flake)

Thierry Zoller (2011-09-19 09:59:15 -07:00):
+1

pascal_cuoq (2011-09-11 02:00:43 -07:00):
We use the word "safety" to describe a plane that does not endanger its passengers. It is often but not always the same as "reliability". The plane that is always grounded by technical failures is unreliable, but it is safe.

Actually, few formal methods are currently used for verifying the safety of life-critical software. Part of the reason is that the verification is made according to principles laid out in standards (DO-178B in the case of avionics), that list as means the techniques that were the best at the time the standard was drafted (tests; lots of tests; and more testing). The next iteration, DO-178C, will allow (not mandate) static analysis techniques where they are appropriate.

In order to avoid bad habits being taken and enormous delays in the adoption of useful new tools, standards should be flexible and give implementors a bit of leeway in choosing their tools. Dynamic allocation is an irrelevant technical detail. There already exist techniques that cope well with the verification of programs that contain dynamic allocation. They have other limitations, of course. But the reason not to mandate specifically this or that technique shouldn't be whether it works or not right now, or whether it is the best right now. Standards should simply allow implementors to choose their tools and give them a chance to justify their choices.

BCS (2011-09-09 06:24:26 -07:00):
Summary/tangent: any reasonably complex program (say 10 KLOC, including base libraries) can't be verified unless it was written with that in mind from the get-go and then, only with extreme effort. With anything longer, SA will, after a point, just give noise.
Article source: http://addxorrol.blogspot.com/feeds/3058966329116482645/comments/default