Name: Ian S. Piper
Organization: Diebold Election Systems, Inc.
Post Date: 9/29/2005
Section: 4.2.3
Page no.: 4-5
Line no.:
Comment: For the requirement in 4.2.3 (e), "Each module shall have a single entry point, and a single exit point, for normal process flow... the exception for the exit point is where a problem is so severe that execution cannot be resumed.", this requirement is problematic as it appears to allow for structured exception handling only in cases of catastrophic failure. This application is too narrow. As a synthetic example, an exception might be generated because of something recoverable, such as the disk space being low. The user corrects the problem by freeing up disk space – but execution resumes. Structured exceptions should be added to the list of 'allowable control structures' in (a). It would be acceptable to add a qualifier such as "exceptions must not be used to unconditionally alter flow control (i.e., used as gotos)".

Proposed change:
1) Add the following language to the end of this requirement: ". It is acceptable to use structured exceptions as exit points, however, they must not be used to unconditionally alter flow control (i.e., used as goto's); and"
2) Also replace "The exception for the exit point..." with "An exception for the exit point...".
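An added illustration of the distinction the comment draws, written for this page and not part of the comment or of the guideline text: a single-entry, single-exit module that recovers from a low-disk-space exception and resumes, beside an exception used purely as a disguised goto and its structured equivalent. `DiskFullSimulator`, `save_results`, `_Found` and the `find_index_*` functions are constructed names for this example only.

```python
import errno

class DiskFullSimulator:
    """Constructed stand-in for a disk that raises ENOSPC until space is freed."""
    def __init__(self, free_bytes):
        self.free_bytes = free_bytes

    def write(self, data):
        if len(data) > self.free_bytes:
            raise OSError(errno.ENOSPC, "No space left on device")
        self.free_bytes -= len(data)

def save_results(disk, data, free_space_hook, max_attempts=3):
    """Single entry, single exit. ENOSPC is recoverable: the hook stands in for an operator
    freeing disk space, then execution resumes. Any other OSError propagates. Returns (ok, attempts)."""
    ok, attempts = False, 0
    while not ok and attempts < max_attempts:
        attempts += 1
        try:
            disk.write(data)
            ok = True
        except OSError as exc:
            if exc.errno != errno.ENOSPC:
                raise  # too severe to resume: the one permitted abnormal exit
            free_space_hook(disk)
    return ok, attempts

class _Found(Exception):
    pass

def find_index_goto_style(items, target):
    """Anti-pattern: the exception signals no error, it is only a disguised goto."""
    try:
        for i, item in enumerate(items):
            if item == target:
                raise _Found(i)
    except _Found as found:
        return found.args[0]
    return -1

def find_index_structured(items, target):
    """Same result using an allowable loop construct and a single exit point."""
    result, i = -1, 0
    while i < len(items) and result < 0:
        if items[i] == target:
            result = i
        i += 1
    return result
```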