One takeaway I got from reading some Nancy Leveson stuff is that a lot of danger lurks at the interfaces between things. You can take two things that work perfectly and put them together and get catastrophic behavior. That argues for the point that there isn't a magic language that will make problems go away.
Another takeaway from an old old paper was that safety must be a primary design goal from the start. It's not something you can band-aid in afterwards. There is a lot of stuff out there where that didn't happen, and as a result you see constant whack-a-mole with critical bugs.