Originally Posted by msbbarratt
It is possible to write bug free software, but proving that that's what's been achieved is basically impossible except in trivial examples.
Mostly we rely on a whole lot of very carefully designed testing and many hours of logged trouble-free running before reluctantly concluding that it might be ok... That's why making changes to this kind of software is so expensive - All the software tests have to be repeated.
No amount of testing ever identifies all bugs. Around 1980, Airbus shared their early static fly-by-wire flight test results with the DoD program I was supporting. If memory serves, they contracted with three different companies in three different countries to perform a full suite of testing of fly-by-wire SW with the thought that the different companies would find different bugs - at least a few. None of the companies knew any of the others existed, the test protocols were unique to each company, and results were not shared. The hope was that each company might ferret out major flaws that the others might not catch. Much to their chagrin (or maybe just due to good SW coding practices), well over 90% of flaws were found by all three companies, and only a few less-than-critical bugs were identified uniquely. The results surprised a number of people and, as events would later prove, not all major issues were uncovered.