[E-Lang] Java 2 "Security" (was: Re: Welcome Chris Skalka and Scott Smith of Johns Hopkins)

Jonathan S. Shapiro shap@cs.jhu.edu
Sun, 21 Jan 2001 02:03:50 -0500

"Mark S. Miller" wrote:

> A "digital" circuit board or IC chip may not
> work as its designers intended... the logic design
> ... [or] the physical embodiment. We don't normally make up for
> dangers at [the physical] level by redesigning our logic. 
> We put the effort instead into better ensuring that the physical
> layer does indeed faithfully realize the abstraction.

I like the analogy, but it happens not to be true. Substrate-level
errors can be divided into two categories. The first is errors of
fabrication. These affect one chip, not all of them. The chips are
tested for these errors and the bad ones are thrown out.

Many of your other errors (quantum uncertainty, and more commonly
something called charge leakage) actually *are* dealt with above the
physical level. Because of this, real chip design is now split into
*three* levels:

	1. The logic level, which works as you say
	2. The standard cell library
	3. The device physics/chemistry

As a VHDL programmer, you imagine that you use AND gates. These are
actually implemented as macros in the standard cell library. The macros
are extremely careful to follow design rules for the underlying physical
substrate. These design rules exist for the purpose of avoiding various
undesirable attributes of the substrate, such as charge leakage. Quantum
effects are only now (i.e. in the last year or so) coming to be a

As I say, I like the analogy. I just couldn't resist inflicting some
knowledge of that yucky hardware stuff on all you software weenies. :-)