Title: Maximizing Reliability and Security with Modern C/C++
Proposer: Jean Pierre LeJacq
Type: Tutorial + Case Study
Duration: 90 mins
Description:
Recent advancements in the C/C++ languages, available open-source tooling, and
operating system support have revolutionized software development in these
languages. Projects such as LLVM/clang are providing sophisticated static and
dynamic analysis tools that are easy to use and practical.
In this session we'll review language features, design idioms, and available
tools for improving reliability and security. We emphasize an integrated
approach where language features can assist the analysis tools in uncovering
additional defects. In addition, we provide guidance on properly configuring
tools to maximize the checks available. Topics include using attributes to
annotate source code, new standard library features to reduce common design
errors, critical compiler options in gcc/clang and other compilers to improve
security, use of memory/thread/undefined-behavior sanitizers, and code coverage.
A key topic is strategies for effectively incorporating these into existing
organizations with large existing code bases. We'll discuss our
lessons learned at one large client and the important process changes that
were required.