Programming Languages for C-cured Software
SPARK Product Manager and Research Directions Lead, AdaCore
The recent years have seen a renewed interest in the choice of programming language in the development of important/critical software. There is increased realization that some programming languages come with pitfalls that impact the quality of the software produced in that language, with direct consequences for safety and security. This was the main message of the presentation by ANSSI on "Mind your language(s), A Discussion about Languages and Security" at HIS 2014. This is now a mainstream topic of discussion. Looking beyond mere pitfalls, some programming languages contain at their core a few "defect attractors", a term coined by Les Hatton and popularized by Eric Raymond, which defeat attempts at higher software quality. C is a hugely popular programming language for developing important/critical software, in particular embedded software, that has a high number of defect attractors: pointer arithmetic, type punning, manual memory management, text-substitution macros, global variables, manual error handling, implicit type conversions, minimality of syntax. In this presentation, we will discuss major defect attractors in mainstream programming languages such as C/C++, and how they are avoided in well established programming lanugages (such as Ada/OCaml), more recent programming languages (such as Rust/Go), new versions of programming languages (such as C++17/C++20) or subsets of programming languages (such as MISRA-C/SPARK Ada). We will highlight whether the defense comes from language constructs, supporting tools, or a combination thereof.