Brussels / 3 & 4 February 2018

schedule

Terra Bruciata

where bugs cannot survive


In this talk I'm going to present Terra Bruciata, an open source initiative aimed to bring hi-integrity techniques in the world of open source with the objectives of (i) providing to the world bug-free software (ii) developing hi-integrity techniques suitable for open source and (iii) showing to the world that bugs are not unavoidable...

Software bugs are everywhere and they brings much harm. History is sprinkled with software horror tales: race condition in radiation therapy machine Therac-25 caused deaths and injuries, badly written automotive software caused unintended acceleration, bugs in the entertainment system allowed an attacker to take remote (full) control of a car, software glitches caused (many times) chaos in the stock market and so on... Unfortunately many think that bugs are like bad weather: annoying, but unavoidable, so that the only solution is to have patience and bear with them.

However, I agree with late Robert Dewar when he says that we should not put up with them. With the future advent of IoT, putting up with glitches it is an open invitation for the Software Apocalypse. Therefore, I decided to start Terra Bruciata, an open source initiative whose goal of is to bring a software correctness mentality in the open source community. We will try to adapt to an open source context procedures and good practices from standards like DO-178 and using techniques such as formal checking. We will initially concentrate on libraries for network protocols. Although this choice can seem strange, it has its rationale. First, network protocols are pervasive nowadays and a bug in a network library can easily become a security hole. Moreover, the IETF has the desire to improve the involvement of open source communities and academia in protocol developments and this initiative could be an interesting channel for that. The initiative just started and as first protocol we choose CoAP, the Constrained Application Protocol, a kind of lo-weight HTTP, developed having in mind small devices IoT-style (yes, it is fashionable...)

Speakers

Photo of Riccardo Bernardini Riccardo Bernardini

Attachments

Links