Building High Integrity Applications with SPARK

Category: Programming
Author: John W. McCormick, Peter C. Chapin
This Month Hacker News 1


by pjmlp   2021-02-23
Yep, here some very good books about it, specially relevant given the main subject.

"Building High Integrity Applications with SPARK"

"Building Parallel, Embedded, and Real-Time Applications with Ada"

"Embedded Software Development for Safety-Critical Systems"

by nickpsecurity   2018-10-07
There's tooling like Cryptol and SPARK to make this a lot easier than it was in the past. Cryptol can generate software or hardware that implements the high-level spec of the algorithm. Far as practical use, certainly not just one even though still extremely rare. Here's some more:

Altran/Praxis Correct-by-Construction for a cert authority

Galois built Cryptol for NSA but open sourced it.

Rockwell Collins built SHADE and some other tools for high-assurance crypto. They build stuff for the defense sector mainly funded by NSA. They even have a separation-preserving, verified CPU.

by nickpsecurity   2018-03-17
If you're learn Ada, be sure to check out Building High Integrity Applications in SPARK to get the most benefit from it. I also find Barnes book does a good job chapter by chapter showing how it's systematically designed for safety. Finally, if anyone doubts improvements that can happen, I have the most apples to apples study you'll see comparing Ada and C.

by nickpsecurity   2018-02-28
What makes this a good write-up is you could give it to a project manager as quickly as an engineer. An updated version of this with links to current tech, esp low cost or easy to integrate, might be worthwhile. Other improvements since then include generating tests directly from the contracts, using contracts with automated provers, leaving contracts in as runtime checks while throwing fuzzers at that code, and using contracts for bug repair. They can't do everything but they're a very high-ROI technique with some immediate benefits plus maybe some down the road if your software/company gets bigger.

Write-ups or examples of some of the above: