[Cryptography] quantum computers & crypto

Jerry Leichter leichter at lrw.com
Sun Nov 7 07:32:27 EST 2021


> Someone I know worked in an environment that had a government-agency-mandated
> requirement for 100% test coverage (I'm going to be a bit vague here so as not
> to reveal any identities).  However the one thing you couldn't test was a lot
> of the exception/error handling, so after a lot of arguing they had an
> engineering team spend about six months removing all exception and error
> handling that couldn't be tested, which was most of it, from equipment that
> was going to be operated in unusually harsh environments where errors and
> exceptions were likely and where service calls were prohibitively expensive.
> 
> They did successfully meet the requirement for 100% test coverage though, so
> all was well.

Many years back, I worked on a system in which a compiler for a complex modeling language generated code in C++ that then interacted with a large run-time platform.  A certain large company located in Washington state licensed the use of a tiny piece of the entire system.  We shipped them object code which exported only the interfaces to that part of the system, and only as much of the run-time code as was needed to make the tiny piece actually work.  (We were very careful about this because the contract specified that any bit of code we shipped them, ever, would be forever covered by the license, even if it had nothing to do with what they were actually buying.)

The company had a coverage checker that was driven by object code.  A large fraction of the code the compiler generated could not be reached from the actual interfaces we exposed to them - but the object code analyzer could see it, and so our coverage appeared way lower than they required.  We went back and forth on this for a while.  I eventually proposed that we have the compiler simply generate an additional exported call in each object which invoked every generated entry point (likely with multiple possible arguments), ignored the results, and returned 0.  A single new test would then produce 100% coverage.

(The arguments and negotiations continued in a desultory fashion for a while after; eventually the whole project got abandoned.  It had been started for political reasons, and died for the same reasons.)
                                                        -- Jerry


