>>9899>I don't think software 'engineering' can be regulated as linearly in other engineering disciplines. Laws of physics and heuristics humanities gathered are static whereas exploit writers are always adapting to changing environment.
Wait a minute, the compiler optimizations that reduce the vulnerability to exploits don't have to be linear regulation, you are taking my building-code metaphor way too literally.
>Software engineering actually have lot more in common with 'financial engineering' when it comes to regulatory challenges and we all know how responsible they are.
No, lawyers write code that is executed by judges, bureaucrats and functionaries, not processors. Brains are not pure logic interpreters. Legal code does not work like software.>>9899>Security through correctness has always been the way but even after Microsoft's decade worth investment in formal verification tools we do not have killer language or toolchain that is reasonably productive enough to be adopted in mass scale.
I know about MS's code quality project, but you can't expect a big soul crushing corporation to foster real innovation. There is no way anything new could pass through the membranes of corporate administrations, too many people have made careers out of managing the half broken mess. >Rust could fit the bill but I am skeptical of it for obvious reasons.
Yes that is the popular example but there's no reason other compilers can't have functionality of this type added. or you could even try to have a pre- compiler as a separate insert into the tool-chain.