We agree security is not just preventing array overflows, and Ada is not a magic bullet. But the environment has changed. The estimated cost of a bug in infrastructure software has increased because we now realize it has a higher likelihood of being exploited by bad guys and the cost of damage therefrom is higher than we thought. So "C's fine, why use Ada?" should change to "How can you justify not using better tools (Ada among them)". Another change is the drop in interest/discount rates. That means long term savings are now raised in importance relative to short run costs. "How can you justify ignoring the long term, life cycle, savings of using Ada?" As to whether Ada is indeed better for bug prevention and long term maintenance, "prove it" gives way to "what evidence exists says Ada's better - if you don't think so, prove that."