Safety, security, and object-oriented programming
Source: ACM SIGBED Review, Volume 3, Issue 4 (October 2006)
Special issue on the Workshop on Innovative Techniques for Certification of Embedded Systems
Pages: 15-26
Year of Publication: 2006
Author: Franco Gasperoni, AdaCore, Paris, France
Publisher: ACM, New York, NY, USA
DOI: http://doi.acm.org/10.1145/1183088.1183092

ABSTRACT

When safety-critical software malfunctions, people's lives are in danger. When security-critical software is cracked, national security or economic activity may be at risk. As more and more software embraces object-oriented programming (OOP), safety-critical and security-critical projects feel compelled to use object orientation. But what are the guarantees of OOP in terms of safety and security? Are the design goals of OOP aligned with those of safe and secure software (S3) systems? In the following sections we look at key OOP aspects, analyze some of the hazards they introduce with respect to S3, and outline a possible way of addressing these vulnerabilities. Specifically, after a quick overview of OOP in section 2, section 3 deals with inheritance and shows some of its hazards in terms of S3 along with possible remedies. Section 4 focuses on dynamic binding and suggests a safer and more secure implementation than what is conventionally done. Finally, section 5 looks at testing programs with dynamic binding.

