Date: Fri, 24 Jul 1998 11:08:52 +0200 From: Eivind Eklund <eivind@yes.no> To: "Lee Crites (ASC)" <leec@adam.adonai.net>, Brett Glass <brett@lariat.org> Cc: Andrew Kenneth Milton <akm@zeus.theinternet.com.au>, security@FreeBSD.ORG Subject: Re: Translation to a safer language (Was: Projects to improve security) Message-ID: <19980724110852.62387@follo.net> In-Reply-To: <Pine.BSF.3.96.980723233121.9874C-100000@adam.adonai.net>; from Lee Crites (ASC) on Thu, Jul 23, 1998 at 11:36:47PM -0500 References: <199807221459.IAA04129@lariat.lariat.org> <Pine.BSF.3.96.980723233121.9874C-100000@adam.adonai.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 23, 1998 at 11:36:47PM -0500, Lee Crites (ASC) wrote: > On Wed, 22 Jul 1998, Brett Glass wrote: > > =>>The only way to prevent bad code is to audit and test. > => > =>It'd be nice if even *that* worked. I've developed a renewed interest > =>in mechanical verification. > > There is this guy named Michael Fagan who is going about teaching > what he calls Fagan Inspections. It sounds okay on the surface, > but there is nothing magical about it. Faganized code *should* > have fewer defects in it -- any code you and three friends spend > 40% of your time inspecting had darn well better have fewer > defects! Actually, I said that backwards -- 40% of your coding > man hours will be in inspections. If you had a 60 man hour > project, then it would be 100 man hours including the > inspections. > > There are a lot of stats showing a real defect reduction by > Faganizing your code (and documents -- they both work). > Motorola, for instance, swears by them. (...we are still at the > stage of swearing *at* them...) Inspections (or "Fagan inspections" if you want) work. They're difficult to introduce and require physical presence, but when you get them working they both synchronize how people work, thus making it easier to share code, and make a relly significant dent in the number of defects. From a personal viewpoint (I didn't measure this), they seemed much more effective than just doing reviews. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980724110852.62387>