
And how does that work for software engineering thus far?

Quite well, in the long run. Ten years ago we had mountains of buffer overflow-ridden web software written in C++ being replaced by SQL-injection-vulnerable Perl and PHP. Twenty-five years ago the Morris worm easily found its way onto thousands of systems.

Now, tools like Valgrind help detect buffer overflows and other memory access problems, ORMs help prevent SQL injection, stringent standards are used for development of safety-critical systems (e.g. MISRA-C), and automated testing is much more widespread. Naive software developers still make naive mistakes, but as a whole, the industry is much better protected against known mistakes.


