I have set myself the goal of studying and eventually contributing to the very specific area of Erlang-OTP security; but before diving into any practical issue, it is good to have a good understanding of the presuppositions of the matter at hand.
As the reader may know, Erlang is a programming language, a highly interesting one, characterised for its focus on concurrency and actor/process orientation.
As other programming languages -despite its innovative aspects-, it shares with these the explicit goals and the foundational intentions of human-machine interaction and technological process control.
While the Erlang language and its implementation and development environment are undoubtedly innovative and have a very promising future, it is still necessary to work out all the implications of the adoption of Erlang and concurrency-orientation in the wider context of Information Technology and Information Security in particular.
When considering the Security characteristics of Erlang-OTP then, it valuable to see if it shares with other languages (like Java and C++, and even other actor-orientated languages) the same problem space in what respect to the definition, the allocation, the avoidance and the monitoring of risk.
Let’s first step back then and consider the programming language with a critical eye. A strong philosophical motivation is not out of place:
The purely instrumental understanding of technology which predominates today both in engineering and in the humanities is insufficient. A new understanding of the man-machine symbiosis as a heterarchical interplay between mechanism and creativity needs to be developed and practiced in connection with the development of new architectures in computer technologies.
E.von Goldammer, R. Kaehr, “New Pathways in the Foundation of ‘Cybernetic Thinking’ .” – 1991