From: snarflemike@yahoo.com (Mike Silva)
Newsgroups: comp.arch.embedded,comp.lang.ada
Subject: Re: Certified C compilers for safety-critical embedded systems
Date: 24 Dec 2003 15:11:59 -0800
Message-ID: <20619edc.0312241511.3a934503@posting.google.com>

Chris Hills wrote in message news:<45cs9hAbLc6$EAAx@phaedsys.demon.co.uk>...

>                 Sil1  Sil2  Sil3  Sil4
> Ada             HR    HR    R     R
> ADA (subset)    HR    HR    HR    HR
> C               R     -     NR    NR
>
> as expected BUT
>
> C (subset, coding standard and static analysis)
>                 HR    HR    HR    HR

I had a thought about this also. In the Ada case we see a change from
R (recommended) to HR (highly recommended) at SIL3 and SIL4. In the C
case we see a change from NR (not recommended), past - (no
recommendation) and R to HR. To go from Ada to SPARK is one step
(i.e. good to best) while to go from C to SIL4-C is three steps (i.e.
worst to best).

How will that (3 step improvement vs. 1 step improvement) manifest
itself in the complexity, cost and lack of errors in the tools, the
expressiveness and ease of use of the resulting language subset, etc.,
etc.?

Mike