On Dec 22, 2007 5:53 PM, Rico Secada <[EMAIL PROTECTED]> wrote:

> You are right, Ada is widely used in avionics, aerospace and defence
> systems, systems that demand a VERY high level of security and safety
> regarding lives and expensive equipment. And Ada is specifically
> designed for embedded systems too.

Ada's original foothold was gained because it was mandated by the US government for many projects and was standardized before C. If Ada's benefits were not realizable with other tools, the mandate would still be in place.

> It is my understanding that C is the hacker's tool while Ada is the tool
> of the engineer. I think it is mostly because of tradition.

Your understanding is wrong. I suspect that many professional engineers using C (and/or other languages) would strongly disagree with your offhand characterization.

> You find Ada in almost all of Boeing's airplanes, and in most industry
> critical systems. Ada was written with compile time protection against
> bugs such as buffer-overflows and so on.

Didn't I read a Slashdot article about the NYSE going to Linux? What language is medical software written in? What about the competing companies that aren't using Ada? How does their track record of software faults compare?

Compile time protection isn't worth the time it takes to run them if your specification has flaws, your code doesn't match the spec, or the compiler has errors. There are MANY other types of errors that can never be caught at compile-time. Just because these errors SHOULD be accounted for in the program's spec doesn't mean that they WILL be.

> But like many have stated, what makes programs good and secure is the
> programmer, but IMHO the tools and languages are important too.
>
> You cannot use something like C in a really security demanding
> situation, and here I think about human lives, like in spacecraft.

Completely false. You can use any tool you want with an appropriate model of the system; this includes your tools and code. The software for the original US moon missions was written in assembly code; portions may still be in use today because of its extreme reliability.

> A simple buffer overflow might crash the plane, and you have to have
> some ways of eliminating that completely. That is why Ada was designed
> the way it was.

You can read about the history of Ada on Wikipedia.

> Why so much is written in C on Unix-like systems, I think it's mainly
> tradition. IMO Ada would be much better from a security point of view.

Your opinion means nothing without code. Even with code, the OpenBSD project likely won't care anyway. You are barking up the wrong tree.

> I agree that it would be better if OpenBSD or any other system for that
> matter was written in Ada rather than C, and they could just as well,
> but re-writing something as huge as OpenBSD is a MAJOR task, and what
> would the real benefits be in this situation?
>
> The OpenBSD team knows exactly what they are doing hence the extra
> security of Ada becomes almost unnecessary, but again I agree, had
> OpenBSD been in Ada from day one, that would save them a LOT of time!
> Bugs would be caught at compile time and bad-coding would almost be
> eliminated.

Go back to Wikipedia. OpenBSD was a fork and essentially worked from day one. However, as you say, rewriting something as big as OpenBSD is a MAJOR task in the timeframe of years or decades. Instead of improving security in a known system, all those years would be "wasted" reinventing the wheel and playing catch-up with the pre-existing feature set of modern operating systems.

Your insistence on equating compile-time checks with secure programming is incorrect, and indicates your inexperience in secure programming. Academic questions like this should be googled or asked on comp.lang.ada.

Good luck.

--david
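The exchange above turns on two claims: that Ada's range-checked arrays stop buffer overflows, and that such checks say nothing about whether the code matches its specification. The following C program is an added example written for this page; it is not code from either poster. It models the Ada-style constrained array with a fixed-size buffer whose every access goes through a bounds-checking accessor, so an out-of-range index is rejected instead of reading or writing adjacent memory. It then computes an "average of the most recent n samples" over the checked buffer: the bounds checks make the arithmetic memory-safe, but nothing in the compiler or the checks can tell whether "most recent n" is the quantity the specification actually asked for, which is the spec-versus-code gap david describes. The `altitude_log` type, the constructed sample values and the function names are all assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define ALT_SAMPLES 8  /* hypothetical fixed record length, chosen for the example */

/* Fixed-size buffer: the C analogue of an Ada constrained array.
   All reads and writes go through the checked accessors below. */
typedef struct {
    int data[ALT_SAMPLES];
} altitude_log;

/* Range-checked read: rejects idx >= ALT_SAMPLES instead of reading past the end. */
bool checked_get(const altitude_log *log, size_t idx, int *out) {
    if (idx >= ALT_SAMPLES) return false;
    *out = log->data[idx];
    return true;
}

/* Range-checked write: rejects idx >= ALT_SAMPLES instead of overflowing the buffer. */
bool checked_put(altitude_log *log, size_t idx, int value) {
    if (idx >= ALT_SAMPLES) return false;
    log->data[idx] = value;
    return true;
}

/* Average of the last n samples. Memory-safe because of the checks above,
   but whether "last n" is what the specification meant is not something
   any compile-time or run-time check can decide. */
bool average_last(const altitude_log *log, size_t n, int *out) {
    if (n == 0 || n > ALT_SAMPLES) return false;
    long sum = 0;
    for (size_t i = ALT_SAMPLES - n; i < ALT_SAMPLES; i++) {
        int v;
        if (!checked_get(log, i, &v)) return false;
        sum += v;
    }
    *out = (int)(sum / (long)n);
    return true;
}

/* Fills the log with constructed sample values 0..ALT_SAMPLES-1. */
static void fill_constructed_log(altitude_log *log) {
    for (size_t i = 0; i < ALT_SAMPLES; i++) {
        checked_put(log, i, (int)i);
    }
}

/* Average of the last 4 constructed samples (4,5,6,7) -> 5. */
int demo_average(void) {
    altitude_log log;
    int out = -1;
    fill_constructed_log(&log);
    if (!average_last(&log, 4, &out)) return -1;
    return out;
}

/* Returns 1 if every out-of-range access is rejected, 0 otherwise. */
int demo_rejects_out_of_range(void) {
    altitude_log log;
    int v = 0;
    fill_constructed_log(&log);
    bool read_rejected  = !checked_get(&log, ALT_SAMPLES, &v);
    bool write_rejected = !checked_put(&log, ALT_SAMPLES, 42);
    bool avg_rejected   = !average_last(&log, ALT_SAMPLES + 1, &v);
    return (read_rejected && write_rejected && avg_rejected) ? 1 : 0;
}

int main(void) {
    printf("average of last 4 samples: %d\n", demo_average());
    printf("out-of-range accesses rejected: %s\n",
           demo_rejects_out_of_range() ? "yes" : "no");
    return 0;
}
```

The checked accessors are the part of the program a language like Ada supplies for free and C requires by discipline; the `average_last` function is the part neither language can verify against the specification. Whether the right value is the mean of the newest four samples, the oldest four, or a weighted filter is a question for the requirements and the tests, not the compiler.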