[LINK] Ada programming language security

stephen at melbpc.org.au
Fri Dec 21 12:51:31 AEDT 2012


The new version of Ada allows developers to do contract-based programming

By Joab Jackson (IDG News Service) 20th December, 2012 18:59

http://www.ada2012.org


The International Organization for Standardization (ISO) has published as 
a standard the latest version of the Ada programming language, Ada 2012, 
which offers a new security feature found in few other languages, called 
contract-based programming.

As Ada tends to be used in mission-critical embedded systems, 
standardization allows cautious users to upgrade to the new version with 
the assurance that the fresh features work as they are designed to, and 
that these features will be supported by Ada-compliant tool vendors.

Contract-based programming allows programmers to better fortify their 
programs against bugs and malicious misuse. 

With contract-based programming, the programmer has the ability to 
specify a set of conditions that must be met before a program's routine 
executes, as well as to set a range of permissible output values.

By checking such pre- and post-conditions during run time, a program 
ensures that it can't be injected with or emit malicious or incorrect 
data, potentially making it safer and more reliable.

While contract programming is generally considered to be a good idea by 
many computer science academicians, few languages today support it, at 
least without additional add-ons for the compiler. The Eiffel programming 
language is probably the most widely known language that natively 
supports design by contract.

Contract-based programming fits with DO-178C/ED-12C, a new safety 
standard for avionics software, managed by the RTCA (Radio Technical 
Commission for Aeronautics).

Ada 2012 has a number of other new features as well. 

The updated language is better suited for working in multicore 
environments. The designers also worked on making the language more 
expressive, adding in more powerful iterators and additional ways of 
formulating conditional expressions.

The U.S. Defense Department commissioned the development of Ada in the 
late 1970s as a way to consolidate the proliferating number of languages 
then being used across the military.

While Ada never caught on as a general use language -- or even as the 
sole language for the Defense Department -- it has found a home in 
aviation as well as other industries that require real-time 
ultra-reliable systems.

Ada 2012 is the first major update to the Ada standard in seven years. 

The Ada Rapporteur Group (ARG) of the ISO/IEC (International 
Electrotechnical Commission) JTC 1 (Joint Technical Committee) revised 
the language.

AdaCore has already released an Ada 2012 compiler and associated tools. 
Green Hills Software and Atego also offer Ada tools.

Refs:
http://www.arnnet.com.au/article/445154/new_ada_2012_iso_standard_offers_security_boost/
http://blogs.msdn.com/b/larryosterman/archive/2007/01/04/contractual-obligations.aspx
http://gcn.com/Articles/2008/04/11/The-return-of-Ada.aspx?Page=1
http://www.eiffel.com/developers/design_by_contract.html

Cheers,
Stephen
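The pre- and postconditions the article describes are ordinary Ada 2012 aspects on a subprogram declaration. The following is an added example (not from the article, and not AdaCore's or the ARG's code): a bounded stack whose Push and Pop carry Pre and Post aspects, built with GNAT. The names (Contracts_Demo, Stack, Push, Pop, Capacity) are chosen for this example; the assertion policy is implementation-defined, so the GNAT switch -gnata is assumed to turn the checks on.

```ada
-- Added example, not code from the original post.
-- Build and run with GNAT:  gnatmake -gnata contracts_demo.adb && ./contracts_demo
-- (-gnata enables run-time checking of Pre/Post; the Ada standard leaves
-- the default assertion policy to the implementation.)
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Assertions;
with Ada.Exceptions;

procedure Contracts_Demo is

   Capacity : constant := 4;                        -- assumed size for the demo
   type Item_Index is range 0 .. Capacity;
   type Item_Array is array (Item_Index range 1 .. Capacity) of Integer;

   type Stack is record
      Items : Item_Array := (others => 0);
      Top   : Item_Index := 0;                      -- 0 = empty
   end record;

   -- Expression functions used as the vocabulary of the contracts.
   function Is_Empty (S : Stack) return Boolean is (S.Top = 0);
   function Is_Full  (S : Stack) return Boolean is (S.Top = Capacity);
   function Count    (S : Stack) return Natural is (Natural (S.Top));

   -- Pre: the caller must not push onto a full stack.
   -- Post: exactly one more item, and the new top is what was pushed.
   procedure Push (S : in out Stack; X : Integer)
     with Pre  => not Is_Full (S),
          Post => Count (S) = Count (S)'Old + 1
                  and then S.Items (S.Top) = X;

   -- Pre: the caller must not pop an empty stack.
   -- Post: exactly one item fewer, and the output is the item that was on top.
   procedure Pop (S : in out Stack; X : out Integer)
     with Pre  => not Is_Empty (S),
          Post => Count (S) = Count (S)'Old - 1
                  and then X = S.Items (S.Top)'Old;

   procedure Push (S : in out Stack; X : Integer) is
   begin
      S.Top := S.Top + 1;
      S.Items (S.Top) := X;
   end Push;

   procedure Pop (S : in out Stack; X : out Integer) is
   begin
      X := S.Items (S.Top);
      S.Top := S.Top - 1;
   end Pop;

   S : Stack;
   V : Integer;
begin
   for I in 1 .. Capacity loop
      Push (S, I * 10);
   end loop;
   Put_Line ("Pushed" & Natural'Image (Count (S)) & " items");

   -- A fifth Push violates the precondition.  With -gnata the body never
   -- runs: Ada.Assertions.Assertion_Error is raised at the call site,
   -- naming the broken rule rather than the downstream symptom (here an
   -- out-of-range index on Top + 1).
   begin
      Push (S, 50);
   exception
      when E : Ada.Assertions.Assertion_Error =>
         Put_Line ("Precondition rejected Push: " &
                   Ada.Exceptions.Exception_Message (E));
   end;

   Pop (S, V);
   Put_Line ("Popped" & Integer'Image (V) &
             ", remaining" & Natural'Image (Count (S)));
end Contracts_Demo;
```

The precondition is checked before the call and the postcondition after it, so a violation is reported against the contract rather than surfacing later as a corrupted state. The same contract text can be analysed statically (for example by SPARK tools) without changing the source; that is the point of putting the conditions in the language rather than in ad hoc assertions in the body.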


