At 1:03 PM +0930 8/1/04, Nick Lothian wrote: >> >IMHO, though, any such effort is pointless. The reality is >> that we're going >> >to be stuck with C/C++, Java, C#, FORTRAN, COBOL, and various >> >interpreted/scripting languages for a very long time.
>What are peoples opinions of the languages listed above? > >Would I be overly controversial in saying: > >C/C++: Unsafe (for most people) It is possible to code correctly in (almost) any language, but the likelihood of success varies. To me the big issue of C* languages has to do with what assurances _management_ has that the effort will result in correct code. The C++ compilers I know of allow a programmer to drop into raw C, and given the low level of understanding safety and security issues across the programming population there will be a strong temptation to do that. >Java/C#: Reasonably safe (both provide protection against buffer overflows, >are type safe and provide built-in security mechanisms) >FORTRAN/COBOL: Don't know - my impression is that COBOL is fairly safe >Scripting Languages: Depends on the language. Lack of type safety can be a >problem, but on the other hand they are usually safe from buffer overflows >and the fact they you can do a lot more in fewer lines of code can make the >code safer by making errors more obvious. > >Are there other languages in widespread use (ie, the language must be used >more than - say - Python) that are safer than those listed above? Certainly Ada is a lot safer than those above, and the SPARK subset we have discussed here is even safer (not just by being a subset but also by supporting proofs of correctness). SPARK is much less widely deployed that whatever was used to implement Internet Explorer, but I have strong preference as to which of the two I would want used in the programming of fly-by-wire for an airplane on which I fly. -- Larry Kilgallen
