comp.lang.ada
From: Ken Garlington <garlingtonke@lmtas.lmco.com>
Subject: Re: Can OO be successful in real-time embedded systems?
Date: 1996/05/09
Message-ID: <3191DE76.130F@lmtas.lmco.com>
In-Reply-To: Dr58I4.6Go@world.std.com


Robert A Duff wrote:
> 
> Run-time dispatching is just like a case-statement, except the branches
> are scattered all over the code.  To do white-box testing, you have to
> track down all overridings of a given procedure.  Having done that, it's
> no harder than testing a case statement.  So, I think you want a tool to
> do that tracking down.  I use "grep" for that purpose, but one could
> imagine something more helpful.

For safety-critical systems, you might also want to use pragma Reviewable,
coupled with a tool that reads the resulting analysis file, to examine
the object code for each dispatch and verify that the case-ish object code meets
certain criteria. We do this now for case statements, and I would expect that
we would extend the technique for dispatching.

The real difference between dispatching and case statements, in my mind, is
that case statements usually only generate different code if the case statement
itself is changed. Even if the range of the case selector is changed, for
example, the case itself usually has the same object code. Thus, you can sometimes
limit the scope of analysis for regression test purposes.

For dispatching, this isn't going to be the case (so to speak). We're going to
have to be more careful about doing analysis of dispatch points. However, with
reasonable tools and CM practices, this should not be insurmountable.

Overall, I don't have any real fear of using dispatching in our safety-critical
systems. Of course, I haven't tried to use it in practice, yet.

> But beware: there's a lot more to safety than is codified in the SS Annex.

That's certainly true. Further, I don't see the annex as being all that much
"overkill." Except for Normalize_Scalars and 'Valid, you can pretty much have the
whole annex with current Ada 83 tools (although the implementation is
not the same, of course). I would like to believe that, for safety and security
related applications, the annex would serve as a perfectly reasonable tool kit.

> 
> - Bob

-- 
LMTAS - "Our Brand Means Quality"
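
An added Ada example, not part of the original post, that puts the two constructs discussed above side by side: a case statement whose alternatives are all at one site, and a dispatching call whose alternatives are the overridings declared elsewhere in the program. The type and subprogram names (Channel, Read, Read_Dispatch and so on) are constructed for illustration.

```ada
with Ada.Text_IO; use Ada.Text_IO;
procedure Dispatch_Demo is
   --  Variant 1: case statement; every alternative is visible at this site.
   type Channel_Kind is (Primary, Backup);
   function Read_Case (Kind : Channel_Kind) return Integer is
   begin
      case Kind is
         when Primary => return 100;
         when Backup  => return 50;
      end case;
   end Read_Case;

   --  Variant 2: tagged type with one overriding of Read per derived type.
   --  Primitive operations must be declared in a package spec.
   package Channels is
      type Channel is abstract tagged null record;
      function Read (C : Channel) return Integer is abstract;
      type Primary_Channel is new Channel with null record;
      function Read (C : Primary_Channel) return Integer;
      type Backup_Channel is new Channel with null record;
      function Read (C : Backup_Channel) return Integer;
   end Channels;

   package body Channels is
      function Read (C : Primary_Channel) return Integer is
      begin
         return 100;
      end Read;
      function Read (C : Backup_Channel) return Integer is
      begin
         return 50;
      end Read;
   end Channels;
   use Channels;

   --  The dispatch point.  The body that runs is chosen by C's tag at run
   --  time, so each overriding of Read, wherever declared, is an alternative
   --  of this hidden "case" and has to be located and covered in testing.
   function Read_Dispatch (C : Channel'Class) return Integer is
   begin
      return Read (C);
   end Read_Dispatch;

   P : Primary_Channel;
   B : Backup_Channel;
begin
   Put_Line (Integer'Image (Read_Case (Primary)));
   Put_Line (Integer'Image (Read_Dispatch (P)));
   Put_Line (Integer'Image (Read_Dispatch (B)));
end Dispatch_Demo;
```

Adding a third derived type with its own Read changes what Read_Dispatch can execute without that function being edited, which is the regression-analysis difference the post describes.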