In 2005, Ross Anderson and Roger Needham coined the phrase "Programming Satan's Computer" to describe the problems of developing software for secure systems. Their point is illustrated by whatever is the latest high-profile bug, "celebrity glitch", or downright embarrassment in some piece of critical software that is supposed to be trustworthy. It might seem that industry is unable to produce software with even the most basic levels of integrity (e.g. "it doesn't crash"), let alone subtle application-specific security properties. Is the situation really that bad? Can we do better, based on what we know from over twenty years of building safety-related systems? This talk will reflect on my experience of deploying safety-critical software process and technology in building secure systems, but will also touch on the behaviours and economic pressures that seem to be holding back progress.
About Roderick Chapman
Roderick Chapman is an independent consultant software engineer. He specialises in the development of safety and security-critical systems, from requirements engineering, through architectural design and implementation, to verification, audit and assessment. Following graduation from the University of York, Rod joined Praxis (now Altran UK), and contributed to many of the company's keynote projects, rising to the role of principal engineer for software process and design. He also led the programming language and verification research group at Praxis, leading the technical development, training, sales and marketing of the SPARK product line. Rod is a regular speaker at international conferences, and is widely recognised as a leading authority on high-integrity software development, programming language design, and software verification tools. In 2006, he was invited to become a Fellow of the British Computer Society. In 2011, Rod was the joint recipient of the inaugural Microsoft Research Verified Software Milestone Award for his contribution to the Tokeneer project. In February 2015, Rod was appointed Honorary Visiting Professor in the Department of Computer Science at the University of York.