From: "Ron Forrester"
Subject: Re: Papers on the Ariane-5 crash and Design by Contract
Date: 1997/03/19
Message-ID: <01bc340a$48b4b150$e1f492cf@aurora>#1/1
References: <332B5495.167EB0E7@eiffel.com> <332D113B.4A64@calfp.co.uk> <5gl1f5$a26$2@quasar.dimensional.com><5gll90$2qu$1@news.irisa.fr>
Organization: AT&T WorldNet Services
Newsgroups: comp.lang.eiffel,comp.object,comp.software-eng,comp.programming.threads,comp.lang.ada,comp.lang.java.tech

> > designing! Eiffel is, however, one of the few languages that provide
> > built-in support for it.
>
> You miss my point. Which is that this stuff is NOT sufficient to have
> prevented this error. And further, the evidence supports this
> position because the language used in fact _does_ have this capability
> but it was _not_ used. While design by contract is a good first step,
> it _too_ is simply insufficient as currently realized. It in no way
> captures any of the semantic context that scopes the usage scenarios
> that are assumed in the design and implementation of "components".

Maybe a simplistic first step would be an Eiffel system that required ensure and require clauses for all members, as well as an invariant clause for all classes. This would at least *help* the engineer *think* about doing it as s/he coded.

rjf