[SystemSafety] Critical systems Linux
Derek M Jones
derek at knosof.co.uk
Thu Nov 22 15:56:15 CET 2018
Olwen,
> To be honest, I wouldn't trust current regulators to muster enough
> expertise to do their job properly when examining a claimed proof of a
> program. At the moment, they do a rickety enough job of much simpler
The many eyeballs argument sounds great in theory. But in practice
people have better things to do with their eyeballs than spend time
looking for faults in other people's code.
Why would anybody want to spend time reading someone else's claimed
proof of a program?
The reason I find faults by reading open source code is that I am
modifying it to do something else. When I was in the static analysis
business I ran a tool over the Linux kernel source and reported the
faults found.
These days finding and reporting faults is an academic status system,
showing that their latest fault finding idea actually does something.
--
Derek M. Jones Software analysis
tel: +44 (0)1252 520667 blog:shape-of-code.coding-guidelines.com
More information about the systemsafety
mailing list