World’s Critical Infrastructure Software Rich In Long-Forgotten Debug Printf Statements, Report Says

GENEVA — A report from the Laboratory of Cybersecurity Assessment of the National Institute of Standards and Technology (NIST) released on March 29th a report titled “Software Quality Analysis for Global Critical Infrastructure”. 
Critical Infrastructure encompasses industrial processes including manufacturing, process control, power generation, fabrication, and refining, as well as water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electric power transmission and distribution, nuclear reactors and wind farms, but also facility processes, including buildings, airports, ships, and space stations. The report states that “most of the software controlling these critical processes is abundant of abandoned debug printing code including lines such as”:

printf(“debug debug\n”);
printf(“debug debug ##\n”);
printf(“if I’m here, core meltdown is underway\n”); 

And similar statements. The analysis warns that the overall quality of the software in charge of the safety of these life-threatening systems is “practically laughable, hacky at the least, global-variable galore. Nothing short of technological miracles using practically all software anti-patterns out there”.