Date: Thu, 23 Jul 1998 23:36:47 -0500 (CDT)
From: "Lee Crites (ASC)" <leec@adam.adonai.net>
To: Brett Glass <brett@lariat.org>
Cc: Andrew Kenneth Milton <akm@zeus.theinternet.com.au>, security@FreeBSD.ORG
Subject: Re: Translation to a safer language (Was: Projects to improve security)
Message-ID: <Pine.BSF.3.96.980723233121.9874C-100000@adam.adonai.net>
In-Reply-To: <199807221459.IAA04129@lariat.lariat.org>

On Wed, 22 Jul 1998, Brett Glass wrote:
=>>The only way to prevent bad code is to audit and test.
=>
=>It'd be nice if even *that* worked. I've developed a renewed interest
=>in mechanical verification.

There is this guy named Michael Fagan who is going about teaching what he calls Fagan Inspections. It sounds okay on the surface, but there is nothing magical about it.

Faganized code *should* have fewer defects in it -- any code you and three friends spend 40% of your time inspecting had darn well better have fewer defects! Actually, I said that backwards -- 40% of your coding man hours will be in inspections. If you had a 60 man hour project, then it would be 100 man hours including the inspections.

There are a lot of stats showing a real defect reduction by Faganizing your code (and documents -- they both work). Motorola, for instance, swears by them. (...we are still at the stage of swearing *at* them...)

It *is* possible for an inspection process to work. It just takes more time, effort, and discipline than most organizations can handle.

Lee

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Lee Crites
Adonai Services Company, Round Rock, Texas
leec@adonai.net    http://www.adonai.net/~leec
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message