[erlang-questions] where did my code come from?

David Goehrig dave@REDACTED
Wed Sep 14 19:35:55 CEST 2011


On Sep 13, 2011, at 8:12 PM, Jesper Louis Andersen <jesper.louis.andersen@REDACTED> wrote:

> George Necula has written a paper on
> proof-carrying-code. Here is the trick.
> 


I think PCC works only in theory, but would not work in reality. 

Here's the reason: cost

Proving a system correct must be cheaper than the cost of any damage done by a potential exploit.

The cost of proving a system correct is also an up front cost that requires your entire tool chain and infrastructure also be tested. 

Since the cost of creating proofs for and validating those proof systems (replacing all existing infrastructure) exceeds the cost of not doing so, we are unlikely to ever see mass adoption. 

And since the risk of economic damage due to failure/compromise is relatively small, and the opportunity cost associated with not going to market quite high, there is always a disincentive to prove/test your new systems before entering production.

And so it is unlikely to ever be used outside of critical infrastructure and military applications.

Security is fundamentally an economic issue, and it rarely makes sense to devote resources to securing systems with short lifetimes. 

Dave