Crispin Cowan wrote:
Dynamic type checking (or any kind of run-time fail-stop checking) enhances security (attacks are halted) but degrades reliability (processes that might live with a harmlessly inconsistent state may be halted).
Degrades reliability of a "correct" program? Or only degrades reliability of a program with bugs, harmless or not?
The latter. Run-time fault checks will never go off if the program does not have faults.
If it's the latter, I would assume QA would want to see the latter, so the bug could be squashed. I'm assuming, of course, that one wants to also squash "harmless" bugs.
QA will want to squash the bugs it sees. Run-time fault checking helps find *some* of those bugs, if QA checks the code paths that expose those bugs. Static type checking, OTOH, finds latent bugs that no one thought to check for, at the cost of not finding some bugs that are statically undecidable. Using both is of course the safest.
Crispin
--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix  http://immunix.com
Immunix 7.3  http://www.immunix.com/shop/
