From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,a3ca574fc2007430
X-Google-Attributes: gid103376,public
X-Google-Thread: 115aec,f41f1f25333fa601
X-Google-Attributes: gid115aec,public
From: andy.ashworth@gecm.com (Andy Ashworth)
Subject: Re: Ada and Automotive Industry
Date: 1996/12/03
Message-ID: <32a442b1.2110383@news.geccs.gecm.com>#1/1
X-Deja-AN: 202103476
references: <55ea3g$m1j@newsbf02.news.aol.com> <3280DA96.15FB@hso.link.com>
 <1996Nov6.210957.3070@ole.cdac.com> <5683sk$bsc@news.ccit.arizona.edu>
 <Pine.GSO.3.95.961113084108.24113B-100000@nunic.nu.edu>
 <dewar.848291728@merv> <Pine.GSO.3.95.961120154239.3026C-100000@nunic.nu.edu>
 <dewar.848760148@merv> <Pine.GSO.3.95.961125172641.786A-100000@nunic.nu.edu>
 <dewar.849073914@merv>
 <Pine.GSO.3.95.961129151026.24389C-100000@nunic.nu.edu>
 <BPE6pDAXsXoyEwAm@phaedsys.demon.co.uk> <dewar.849497905@merv>
 <uL5x4AAhDzoyEwka@phaedsys.demon.co.uk>
organization: GEC-Marconi
newsgroups: comp.lang.ada,comp.realtime
Date: 1996-12-03T00:00:00+00:00
List-Id: <comp.lang.ada>


FWIW my two-penn'orth on the issue of safety and languages. Safety is
a property of a system, i.e. the combination of software, hardware,
hydraulics, and other bits you can kick. I agree with Chris that the
safety of a language is a moot point if the tool support is buggy -
while the code source file may be inherently "safer" (i.e. perception
of correctness is higher) for Ada or Modula 2 than for C or C++, when
compiled with buggy tools the safety of the overall system is
degraded.

Having spent a number of years assessing real industrial safety
critical systems, I have come to the conclusion that the language used
is not an issue; rather, it is how it is used that can significantly
affect the ultimate safety levels. How the language is used is one
function of management and IMHO it is weak management that is the
greatest threat to public safety where software is concerned and not
the use of a language with weak semantics. I believe that ADA, Modula
2 and other so called safe languages can produce and unsafe result
just as the unsafe languages like C can be used to produce a safe
system.

#define rant=off

Andy Ashworth

Senior Software Safety Engineer

Opinions are mine and not GEC's - they don't pay me enough to make
policy!