Actually, it is a myth.
For every non-trivial system, there are business pressures on
resourcing, deadlines, and acceptable quality (pick any two). Once a
business has set their taste for risk, it makes no sense to spend say
$10m on security controls on a product and delay it for six
Absolute security is a myth. As is designing absolutely secure
software.
I have high hopes in formal methods.
All formal methods do is push bugs around. Basically, you end up
writing in a higher-level language (the spec you are formally verifying
the program meets). You are then subject to
