Safe, Secure and Robust C++
Hardening software systems by security specialists as an afterthought doesn't work: really safe and secure systems are designed and implemented securely from the beginning. While C has a somewhat bad reputation (buffer overflows) with respect to safety and security, C++ has a variety of mechanisms that allow safe and secure programs from the start. However, C++ (like any other programming language) also allows building unsafe programs.
Many safety and security related bugs are also introduced afterwards, during maintenance, refactoring or while providing extensions. "Source code is the only reliable documentation" is a well-known fact, so it's important to clearly state the preconditions, invariants and constraints of a programming artefact in the code itself.
Reasonable coding guidelines can help with this, while counter-productive rules cause less safe workarounds.
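As an added example (not code from vollmann engineering), two of the C++ mechanisms referred to above: a constrained value type whose invariant is checked once in its constructor, and a fixed-capacity buffer whose bounds are part of the type, so the precondition "fits into the buffer" is enforced rather than merely documented. The type names are hypothetical.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <stdexcept>
#include <string>
#include <string_view>

// Constrained type: the invariant "1 <= value <= 65535" is checked once, in the
// constructor, so every function taking a TcpPort can rely on it without re-checking.
class TcpPort {
public:
    explicit TcpPort(unsigned value) : value_{value} {
        if (value < 1 || value > 65535)
            throw std::invalid_argument("port out of range");
    }
    unsigned value() const noexcept { return value_; }
private:
    unsigned value_;
};

// Helper for demonstration: reports whether TcpPort rejects a given value.
bool port_is_rejected(unsigned value) {
    try { TcpPort p{value}; (void)p; return false; }
    catch (const std::invalid_argument&) { return true; }
}

// Fixed-capacity buffer: the capacity N is part of the type and every write is
// bounds-checked, so the classic C-style overflow cannot happen silently.
template <std::size_t N>
class BoundedLine {
public:
    // The precondition is reported through the return value: false means "would not fit".
    bool append(std::string_view s) noexcept {
        if (s.size() > N - len_) return false;
        std::copy(s.begin(), s.end(), buf_.begin() + len_);
        len_ += s.size();
        return true;
    }
    std::string_view view() const noexcept { return {buf_.data(), len_}; }
    std::size_t capacity() const noexcept { return N; }
private:
    std::array<char, N> buf_{};
    std::size_t len_ = 0;
};

// A caller whose contract is visible in its signature: it can only receive a valid port.
std::string endpoint(std::string_view host, TcpPort port) {
    return std::string(host) + ":" + std::to_string(port.value());
}
```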
copyright © 2003-2017 vollmann engineering gmbh