[SC-L] Anyone looked at security features of D programming language compared to Spark?

Thu, 22 Apr 2004 14:07:06 -0700

Has anyone compared D with Spark. Spark is the high-integrity Ada subset which allows a very powerful static analysis, using a tool called the Spark Examiner.

Safety critical sofware has a lot of overlap with the requirements for high security software. One of the criteria is to use a language which has its syntax and sematics rigorously defined. Thus one would use a language like Spark to implement security related modules which can more readily be proven correct.

If the syntax and semantics of D are not rigorously defined then it should not be used for secure applications.

For Spark see http://www.praxis-cs.co.uk/sparkada/

They also have an interesting list of security/ integrity related cases where Spark has been used, e.g., the security modules for the SmartCard (system using a credit card with an embedded chip)

http://www.praxis-cs.co.uk/sparkada/publications.asp

Jim Ronback
System Safety Engineer

Greenarrow 1 wrote:

There is a comparison chart of different functions of D vs other languages at this site:

http://www.digitalmars.com/d/comparison.html

Regards,
George
Greenarrow1
InNetInvestigations-Forensics


----- Original Message ----- From: "James Walden" <[EMAIL PROTECTED]>
To: "Kenneth R. van Wyk" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, April 21, 2004 10:05 AM
Subject: Re: [SC-L] Anyone looked at security features of D programming language?




Kenneth R. van Wyk wrote:


Has anyone here looked into the security strengths/weaknesses of D? Care to
discuss or summarize for the rest of us? Does it inherit the problems of C
while trying to improve on C++ et al?


I haven't examined D myself, but I would also be interested if anyone
could recommend a good paper or site comparing programming language
security features, either for just C-family languages like C/C++, C#,
Cyclone, and D, or for a broader spectrum of language types.  The
closest document to this type of comparison that I've read is section 10
of David Wheeler's excellent Secure Programming for Linux and Unix
HOWTO, but newer languages like Cyclone and D aren't represented in that
section.

--
James Walden, Ph.D.
Visiting Assistant Professor of EECS
The University of Toledo @ LCCC
http://www.eecs.utoledo.edu/~jwalden/

Reply via email to