From: Ken Garlington <GarlingtonKE@lmtas.lmco.com>
Subject: Re: Trust but verify (was Re: Papers on the Ariane-5 crash and Design by Contract
Date: 1997/03/31
Date: 1997-03-31T00:00:00+00:00 [thread overview]
Message-ID: <33400AD1.1FFA@lmtas.lmco.com> (raw)
In-Reply-To: 5hfdh8$b7d@news-central.tiac.net
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 3067 bytes --]
Jeffrey W. Stulin wrote:
>
> Hi there:
>
> As my father is fond of saying "You�ve got to play the percentages." By
> this he simply means that while nothing in life is guaranteed, it is
> still a good idea to attempt to arrange matters to give them the best
> opportunity of working out in your favor. And that is the answer to
> Ken�s questions.
>
> If the Ariane software engineers had the reuse mindset, NOT the specific
> mechanisms of Eiffel, but the design by contract reuse mindset, then
> they MAY have written the assertion, and MAY have noticed, while
> integrating the modules, that the assertion would not have been met.
>
> I often specify "impossible" assertions because, human nature being what
> it is, the impossible will happen, and it is exactly these non intuitive
> circumstances which cause the most trouble.
>
> Now 95% of what Ken has stated about testing and so forth is perfectly
> correct. And indeed there is no guarantee that the MAYs above would have
> come to pass. However, it is not unreasonable to speculate that if the
> integrators had been trained with emphasis on the problems of reuse, the
> specification error might have been found. Perhaps likely to be found is
> a bit strong, but I don�t find that stretch much of a sin.
>
> Furthermore, the papers primary between-the-lines claim, that we better
> learn a reuse mindset since we are (finally) entering the age of
> software reuse, and that the penalties for a reuse error could be
> disastrous, is not a stretch at all. It is simple common sense.
>
> I also find little fault with the implied notion that Eiffel is the
> language which would have had the best chance of finding this particular
> error. My reasoning is simple: Eiffel is a thin surface for an idea,
> the idea of how to specify and reuse software (design by contract etc.).
> That�s what Eiffel is. Now there may be many areas where Ada would have
> strengths in solving problems and Eiffel would fall flat on its face.
> But not on issues of software reuse. Eiffel is simply the best.
>
> Finally, I have no problem with Ken�s Putting BM & Co. feet to the
> flames. I enjoy seeing ideas stress tested and especially enjoy reading
> about the practical view of those involved in a particular industry. I
> do, however, object to Ken�s tone in some of his postings. As a reader I
> feel that I am being shouted at, and I don�t like it. Please keep
> posting Ken, but post calmer.
Sorry about that. Paraphrasing Twain: "I would have written calmer, but
I ran out of time."
I have no stong objection to the claim that I think you're making:
that DBC _might_ have improved the odds in this case. However, I think
there's a long way to go, for *this particular case*, to make the claim
that DBC would _probably_ have avoided the error. Improving the odds to
20%, for example, is still not "probably"!
>
> Thanks,
>
> Jeffrey W. Stulin
>
>
--
LMTAS - The Fighter Enterprise - "Our Brand Means Quality"
For job listings, other info: http://www.lmtas.com or
http://www.lmco.com
next prev parent reply other threads:[~1997-03-31 0:00 UTC|newest]
Thread overview: 247+ messages / expand[flat|nested] mbox.gz Atom feed top
1997-03-15 0:00 Papers on the Ariane-5 crash and Design by Contract Bertrand Meyer
1997-03-18 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Jon S Anthony
[not found] ` <tz8ohcjv7cc.fsf@aimnet.com>
1997-03-16 0:00 ` Papers on the Ariane-5 crash and Design by Contract Robert Dewar
1997-03-17 0:00 ` Please do not start a language war (was " Jean-Marc Jezequel
1997-03-18 0:00 ` Ken Garlington
1997-03-19 0:00 ` Jean-Marc Jezequel
1997-03-19 0:00 ` Richard Kaiser
1997-03-21 0:00 ` Ken Garlington
1997-03-21 0:00 ` Jean-Marc Jezequel
1997-03-25 0:00 ` Ken Garlington
1997-03-26 0:00 ` Trust but verify " Robert S. White
1997-03-25 0:00 ` Bertrand Meyer
1997-03-26 0:00 ` Robb Nebbe
1997-03-27 0:00 ` Ken Garlington
1997-03-28 0:00 ` Jeffrey W. Stulin
1997-03-31 0:00 ` Ken Garlington [this message]
1997-03-28 0:00 ` Karel Th�nissen
1997-03-28 0:00 ` Ken Garlington
1997-04-07 0:00 ` Jean-Marc Jezequel
1997-03-29 0:00 ` the one and only real true kibo
[not found] ` <199703190839.JAA02652@stormbringer.irisa.fr>
1997-03-19 0:00 ` Please do not start a language war " Ken Garlington
1997-03-20 0:00 ` Robert S. White
1997-03-20 0:00 ` John L. Ahrens
1997-03-20 0:00 ` Martin Tom Brown
1997-03-21 0:00 ` Robert S. White
1997-03-21 0:00 ` Wolfgang Gellerich
1997-03-20 0:00 ` Roger T.
1997-03-21 0:00 ` Jean-Marc Jezequel
1997-03-24 0:00 ` Ken Garlington
1997-03-21 0:00 ` Ken Garlington
[not found] ` <tz8913l930b.fsf_-_@aimnet.com>
1997-03-18 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Gavin Collings
1997-03-18 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war Roedy Green
1997-03-18 0:00 ` Please do not start a language war (was Re: Papers on the Ariane-5 crash and Design by Contract Richard Irvine
1997-03-17 0:00 ` Paul Johnson
1997-03-17 0:00 ` Enrico Facchin - Sartori E.T.
1997-03-19 0:00 ` Anders Pytte
1997-03-18 0:00 ` Ken Garlington
1997-03-17 0:00 ` John McCabe
[not found] ` <tz8n2s1hrdc.fsf@aimnet.com>
1997-03-20 0:00 ` John McCabe
1997-03-20 0:00 ` John McCabe
1997-03-20 0:00 ` Jean-Marc Jezequel
1997-03-20 0:00 ` John McCabe
1997-03-21 0:00 ` Niall Cooling
1997-03-21 0:00 ` Gavin Collings
1997-03-27 0:00 ` Joachim Durchholz
1997-04-03 0:00 ` Gavin Collings
1997-04-03 0:00 ` Ken Garlington
1997-04-04 0:00 ` Derek Clarke
1997-04-04 0:00 ` Derek Clarke
1997-04-06 0:00 ` Robert Dewar
1997-04-07 0:00 ` Ken Garlington
1997-04-09 0:00 ` Gavin Collings
1997-04-03 0:00 ` Robert I. Eachus
1997-04-04 0:00 ` Derek Clarke
1997-04-04 0:00 ` Chris Beer
1997-04-04 0:00 ` Ken Garlington
1997-04-04 0:00 ` Robert Dewar
1997-04-03 0:00 ` Robin Rosenberg
1997-03-24 0:00 ` Ken Garlington
1997-03-26 0:00 ` Thomas Beale
1997-03-26 0:00 ` Ken Garlington
1997-03-21 0:00 ` "Paul E. Bennett"
1997-03-22 0:00 ` Nigel Tzeng
1997-03-23 0:00 ` John McCabe
1997-03-17 0:00 ` Please do not start a language war (was " Jon S Anthony
1997-03-18 0:00 ` Kent Tong
1997-03-20 0:00 ` Ranan Fraer
1997-03-17 0:00 ` Robert I. Eachus
1997-03-17 0:00 ` Martin Tom Brown
1997-03-17 0:00 ` Alexander Anderson
1997-03-17 0:00 ` Nick Leaton
1997-03-17 0:00 ` Richard Kaiser
1997-03-18 0:00 ` Richard Kaiser
1997-03-18 0:00 ` Nick Leaton
1997-03-19 0:00 ` Richard Kaiser
1997-03-19 0:00 ` Jean-Marc Jezequel
1997-03-19 0:00 ` Richard Kaiser
1997-03-19 0:00 ` Fergus Henderson
1997-03-18 0:00 ` Jean-Marc Jezequel
1997-03-19 0:00 ` Ken Garlington
1997-03-18 0:00 ` Richard Kaiser
1997-03-18 0:00 ` Nick Leaton
1997-03-18 0:00 ` "Paul E. Bennett"
1997-03-19 0:00 ` Nick Leaton
1997-03-24 0:00 ` Joachim Durchholz
1997-03-25 0:00 ` Robert Dewar
1997-03-31 0:00 ` Joachim Durchholz
1997-04-02 0:00 ` Robert Dewar
1997-04-03 0:00 ` Martin Tom Brown
1997-04-04 0:00 ` Jonathan Egre'
1997-04-06 0:00 ` Robert Dewar
1997-04-06 0:00 ` Nick Roberts
1997-04-04 0:00 ` Derek Clarke
1997-03-31 0:00 ` Jan Galkowski
1997-03-31 0:00 ` Alexander Anderson
1997-04-01 0:00 ` Alexander Anderson
1997-04-02 0:00 ` Ken Garlington
1997-03-20 0:00 ` John the Hamster
[not found] ` <tz8g1xtzx9y.fsf@aimnet.com>
1997-03-18 0:00 ` Anders Pytte
1997-03-18 0:00 ` Laurent Moussault
1997-03-18 0:00 ` Jean-Marc Jezequel
1997-03-18 0:00 ` Anders Pytte
1997-03-19 0:00 ` Programming language fanaticism! Louis Bastarache
1997-03-20 0:00 ` Anders Pytte
1997-03-20 0:00 ` Papers on the Ariane-5 crash and Design by Contract Matt Kennel (Remove 'nospam' to reply)
1997-03-24 0:00 ` Joachim Durchholz
1997-03-24 0:00 ` Anders Pytte
1997-03-26 0:00 ` Robert Dewar
1997-03-27 0:00 ` the one and only real true kibo
1997-03-29 0:00 ` the one and only real true kibo
1997-03-29 0:00 ` Nick S Bensema
1997-03-30 0:00 ` the one and only real true kibo
1997-03-26 0:00 ` Matt Kennel (Remove 'nospam' to reply)
1997-03-29 0:00 ` Anders Pytte
1997-03-29 0:00 ` Steve Furlong
1997-03-18 0:00 ` Anders Pytte
1997-03-21 0:00 ` Ken Garlington
1997-03-21 0:00 ` Bertrand Meyer
1997-03-21 0:00 ` William Clodius
1997-03-21 0:00 ` Bertrand Meyer
1997-03-23 0:00 ` William Clodius
1997-03-23 0:00 ` the one and only real true kibo
1997-03-22 0:00 ` Fergus Henderson
1997-03-22 0:00 ` Bertrand Meyer
1997-03-23 0:00 ` the one and only real true kibo
1997-03-23 0:00 ` Anders Pytte
1997-03-24 0:00 ` FUD (Re: Papers on the Ariane-5 crash and Design by Contract) Alexander Anderson
1997-03-24 0:00 ` Alexander Anderson
1997-03-23 0:00 ` Papers on the Ariane-5 crash and Design by Contract Anders Pytte
[not found] ` <3335BC24.13728473@eiffel.com>
1997-03-23 0:00 ` Bertrand Meyer
1997-03-24 0:00 ` Robert Dewar
1997-03-31 0:00 ` Ken Garlington
1997-04-01 0:00 ` Bertrand Meyer
1997-03-25 0:00 ` Ken Garlington
1997-03-24 0:00 ` Ken Garlington
1997-03-24 0:00 ` the one and only real true kibo
1997-03-24 0:00 ` John Hogg
1997-03-24 0:00 ` Ken Garlington
1997-03-26 0:00 ` Robert Dewar
1997-03-26 0:00 ` Ken Garlington
[not found] ` <E7ox17.MKx@syd.csa.com.au>
1997-03-28 0:00 ` Ken Garlington
1997-03-17 0:00 ` Bertrand Meyer
1997-03-18 0:00 ` John McCabe
1997-03-18 0:00 ` Ray McVay
1997-03-27 0:00 ` Robert Dewar
1997-03-29 0:00 ` the one and only real true kibo
1997-03-30 0:00 ` Nick Roberts
1997-04-06 0:00 ` Doctorb
1997-04-08 0:00 ` Ron Crocker
1997-04-11 0:00 ` Richard Riehle
1997-03-18 0:00 ` Ulrich Windl
1997-03-18 0:00 ` Jon S Anthony
1997-03-18 0:00 ` Robert I. Eachus
1997-03-18 0:00 ` Jon S Anthony
1997-03-18 0:00 ` Jon S Anthony
1997-03-19 0:00 ` Ron Forrester
1997-03-21 0:00 ` Ken Garlington
1997-03-22 0:00 ` Ron Forrester
1997-03-18 0:00 ` Jon S Anthony
1997-03-18 0:00 ` Ken Garlington
1997-03-19 0:00 ` Eric M. Boyd
1997-03-19 0:00 ` Jeffrey W. Stulin
[not found] ` <3345cd60.2092398@news.sydney.apana.org.au>
1997-04-03 0:00 ` Ariane-5 crash , Eiffel and Ada Jeffrey W. Stulin
1997-04-03 0:00 ` Nick Leaton
1997-04-08 0:00 ` AdaWorks
1997-03-18 0:00 ` Papers on the Ariane-5 crash and Design by Contract Tarjei Jensen
1997-03-19 0:00 ` Jon S Anthony
1997-03-20 0:00 ` Paul Johnson
1997-03-24 0:00 ` Ken Garlington
1997-03-24 0:00 ` Design by Contract in C++ (was Re: Papers on the Ariane-5 crash and Design by Contract) Anders Pytte
1997-03-20 0:00 ` Papers on the Ariane-5 crash and Design by Contract Jean-Marc Jezequel
1997-03-24 0:00 ` Ken Garlington
1997-03-19 0:00 ` Nick Leaton
1997-03-19 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Karel Th�nissen
1997-03-19 0:00 ` Papers on the Ariane-5 crash and Design by Contract Karel Th�nissen
1997-03-19 0:00 ` Ken Garlington
1997-03-20 0:00 ` Martin Tom Brown
1997-03-21 0:00 ` Frank Manning
1997-03-21 0:00 ` Martin Tom Brown
1997-03-23 0:00 ` Frank Manning
1997-03-25 0:00 ` Ken Garlington
1997-03-20 0:00 ` Richard Kaiser
1997-03-24 0:00 ` Ken Garlington
1997-03-19 0:00 ` Ken Garlington
1997-03-19 0:00 ` Jon S Anthony
1997-03-19 0:00 ` Karel Th�nissen
1997-03-20 0:00 ` Robert I. Eachus
1997-03-20 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Nick Leaton
1997-03-20 0:00 ` Papers on the Ariane-5 crash and Design by Contract Robert I. Eachus
1997-03-20 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Karel Th�nissen
1997-03-20 0:00 ` Nick Leaton
1997-03-21 0:00 ` Papers on the Ariane-5 crash and Design by Contract Alexander Anderson
1997-03-23 0:00 ` "Paul E. Bennett"
[not found] ` <tz8sp1qiywm.fsf@aimnet.com>
1997-03-21 0:00 ` ae59
1997-03-21 0:00 ` Ulrich Windl
1997-03-21 0:00 ` Please do not start a language war (was " Jon S Anthony
1997-03-22 0:00 ` Bertrand Meyer
1997-03-23 0:00 ` Dale Stanbrough
[not found] ` <3335E18E.33590565@eiffel.com>
1997-03-23 0:00 ` FUD (Re: Papers on the Ariane-5 crash and Design by Contract) Bertrand Meyer
1997-03-24 0:00 ` William Grosso
1997-03-24 0:00 ` William Clodius
1997-03-24 0:00 ` Bertrand Meyer
1997-03-24 0:00 ` Brad Appleton
1997-03-24 0:00 ` Papers on the Ariane-5 crash and Design by Contract Robert Dewar
1997-03-24 0:00 ` Manners (was Re: Papers on the Ariane-5 crash and Design by Contract) Bertrand Meyer
1997-03-25 0:00 ` the one and only real true kibo
1997-03-22 0:00 ` Papers on the Ariane-5 crash and Design by Contract Bertrand Meyer
1997-03-22 0:00 ` Anders Pytte
1997-03-23 0:00 ` Steve Furlong
1997-03-24 0:00 ` Anders Pytte
1997-03-24 0:00 ` Simulating Eiffel-style assertions (was: Papers on the Ariane-5 crash and Design by Contract) Wolfgang Reddig
1997-03-24 0:00 ` Anders Pytte
1997-03-25 0:00 ` Wolfgang Reddig
1997-03-25 0:00 ` Anders Pytte
1997-03-31 0:00 ` Joachim Durchholz
1997-03-26 0:00 ` Alan Brain
1997-03-26 0:00 ` Wolfgang Reddig
1997-03-29 0:00 ` How old time languages survive EJon
1997-03-22 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Stuart Yeates
1997-03-22 0:00 ` Papers on the Ariane-5 crash and Design by Contract Jon S Anthony
1997-03-28 0:00 ` Matt Kennel (Remove 'nospam' to reply)
1997-03-24 0:00 ` Ken Garlington
1997-03-24 0:00 ` Jon S Anthony
1997-03-24 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Ken Garlington
1997-03-24 0:00 ` Papers on the Ariane-5 crash and Design by Contract Alexander Anderson
1997-03-24 0:00 ` Ken Garlington
1997-03-24 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Ken Garlington
1997-03-24 0:00 ` Papers on the Ariane-5 crash and Design by Contract Robb Nebbe
1997-03-24 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) William Clodius
1997-03-24 0:00 ` Papers on the Ariane-5 crash and Design by Contract Ken Garlington
1997-03-27 0:00 ` Joachim Durchholz
1997-03-31 0:00 ` Ken Garlington
1997-04-06 0:00 ` Joachim Durchholz
1997-03-24 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Nick Leaton
1997-03-25 0:00 ` Papers on the Ariane-5 crash and Design by Contract Robert I. Eachus
1997-03-25 0:00 ` Ariane-5: can you clarify? (Re: Please do not start a language war) Ken Garlington
1997-03-25 0:00 ` Ken Garlington
1997-03-25 0:00 ` David Starr
1997-03-26 0:00 ` Papers on the Ariane-5 crash and Design by Contract Ken Garlington
1997-03-26 0:00 ` Jon S Anthony
1997-03-26 0:00 ` Alexander Anderson
1997-03-27 0:00 ` Trust but verify (was " Robert I. Eachus
1997-03-28 0:00 ` Robert I. Eachus
1997-03-28 0:00 ` Jon S Anthony
1997-03-31 0:00 ` Ken Garlington
1997-03-19 0:00 ` Chris Brand
1997-03-23 0:00 ` the one and only real true kibo
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox