I completely agree, though how are we really going to reach this point? We have been talking about this at least since I got into development in the early 1980s. We are not anywhere closer, though we have lots of neat tools that do lots of neat stuff. Unfortunately, our programs are also a lot more complicated, making the "correct" proof much more difficult.

Can we really believe it is "just around the corner" to prove this?


Brad Andrews
RBA Communications

Quoting "Cassidy, Colin (GE Infra, Energy)" <colin.cass...@ge.com>:

Martin Gilje Jaatun wrote:

Karen, Matt & all,

Goertzel, Karen [USA] wrote:
> I'm more devious. I think what needs to happen is that we
need to redefine what we mean by "functionally correct" or
"quality" code.
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.

Reply via email to