TEAM-ADA Archives

Team Ada: Ada Programming Language Advocacy

TEAM-ADA@LISTSERV.ACM.ORG

Options: Use Classic View

Use Monospaced Font
Show HTML Part by Default
Condense Mail Headers

Topic: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Sender: "Team Ada: Ada Programming Language Advocacy (83 & 95)" <[log in to unmask]>
Date: Tue, 14 Jun 2005 09:07:28 -0400
MIME-version: 1.0
Content-type: text/plain
From: Roger Racine <[log in to unmask]>
In-Reply-To: <[log in to unmask]>
Content-transfer-encoding: 7BIT
Parts/Attachments: text/plain (47 lines)
Ada, and security in general, seems to need more of a push.  There is an
article by John Viega, in the June 2005 issue of ACM Queue, titled
"Security Problem Solved?" that has the following:

"Buffer overflows are one problem that the world seems to know how to
solve, as evidenced by languages such as Java, C#, and Python that are
not susceptible to the issue.  On the surface, the reason why we still
are plagued by the problem is obvious: we still use C, C++, and assembly
in a heck of a lot of applications."  Note the lack of mention of Ada.

He then goes on to say "there is something to be said about the cost of
transitioning teams of expert C programmers to a language they don't
know nearly as well, simply for the sake of security".

So instead of teaching a different language to all these supposed
experts (I tend to think of a language as something one is fluent in,
not expert in), which would take maybe a month (my experience with
getting new people to the point where they can use the reference manual
to figure out how to program in Ada), he suggests a number of reasonably
good techniques to avoid the problems, which, of course, probably cost
more over the careers of the programmers.

So, I would say that security needs to be pushed to be seen as more
important than programming language skills, and then Ada needs to be
pushed as the best of the secure languages.  This conference would seem
to be a good starting point.

Roger Racine

On Tue, 2005-06-07 at 10:14, John McCormick wrote:
> This conference looks like a great place to discuss Ada and SPARK.   I hope 
> some team members will submit a paper or panel proposal.  Submissions are 
> due in October.  Here is the URL for the conference for additional information.
> 
> http://www.jmu.edu/iiia/wsseet/
> 
> 
> John
> 
> John W. McCormick
> Chair, SIGAda 2005 Conference, 13-17 November, Atlanta, Georgia, USA
> http://www.sigada.org/conf/sigada2005/
> 
> Computer Science Department
> University of Northern Iowa        voice (319) 273-6056
> Cedar Falls, IA 50614-0507       fax (319) 273-7123

ATOM RSS1 RSS2