From: John Apa <japa@DIE_SPAMMER.dasd.honeywell.com>
Subject: Re: Not intended for use in medical,
Date: 1997/04/30
Date: 1997-04-30T00:00:00+00:00 [thread overview]
Message-ID: <3367CE1E.5ED1@DIE_SPAMMER.dasd.honeywell.com> (raw)
In-Reply-To: 5k5ifi$8db@bcrkh13.bnr.ca
Kaz Kylheku wrote:
>
> In article <dewar.862270256@merv>, Robert Dewar <dewar@merv.cs.nyu.edu> wrote:
> >John said
> >
> ><<If it were me designing life support systems for medical use I'd:
> >Make use of Appendix H (Safety and Security) in Ada95.
> >Review the object code.
> >And then test the hell out of it like my life depended on it.>>
> >
> >This sounds like depending on testing too much, and on formal methods
> >too little -- there is a balance sure, but the above seems unbalanced.
>
> Reviewing the object code is (or can be) a formal method. Maybe the
> use of the word ``hell'' shifts the perception of balance. :)
Yes, perhaps I added emphasis to the wrong part. Formal methods are a
great thing if you can get everyone to follow them. To me it seems as if
many people talk about it yet few actually follow it. This is bad. A
team using a well defined and accepted development process and formal
methods can do great things. But it only takes one of the team to "just
make a quick fix" and then the fun begins.
In any case if my life depended on it, I would still test it beyond what
many would consider "acceptable". I have slipped my own schedules in
order to do a little extra testing or desk checking when I (or others)
felt it was required for safety (life and/or data) purposes. I think we
owe our end users that, especially the ones who trust our work to keep
their planes in the air.
To bad MS didn't feel that way about their products.
>
> It's a pity that this discussion was confined to comp.lang.ada, because I
> missed a lot of it, even though I sparked it with quote from the Intel
> document.
>
snipped a good example
--
***********************************
Standard Disclaimers Apply
John Thomas Apa
Replace "DIE_SPAMMER" with "delphi" to email.
Honeywell Defense Avionics Systems
Albuquerque, New Mexico.
***********************************
next prev parent reply other threads:[~1997-04-30 0:00 UTC|newest]
Thread overview: 127+ messages / expand[flat|nested] mbox.gz Atom feed top
1997-04-23 0:00 Not intended for use in medical, Robert C. Leif, Ph.D.
1997-04-24 0:00 ` J. Florio
1997-04-25 0:00 ` Kevin Cline
1997-04-25 0:00 ` Robert Dewar
1997-04-25 0:00 ` Ken Garlington
1997-04-28 0:00 ` John Apa
1997-04-28 0:00 ` John M. Mills
1997-04-30 0:00 ` Larry Kilgallen
1997-05-02 0:00 ` Nick Roberts
1997-04-28 0:00 ` Robert Dewar
1997-04-29 0:00 ` Kaz Kylheku
1997-04-30 0:00 ` John Apa [this message]
[not found] ` <3367CE1E.5ED1@die_spammer.dasd.honeywell.com>
1997-05-01 0:00 ` Kaz Kylheku
1997-05-03 0:00 ` Simon Wright
1997-05-04 0:00 ` Robert Dewar
1997-05-04 0:00 ` Richard Kenner
1997-05-04 0:00 ` Kaz Kylheku
1997-05-04 0:00 ` Robert Dewar
1997-05-04 0:00 ` Richard Kenner
1997-05-05 0:00 ` Kaz Kylheku
1997-05-06 0:00 ` Kaz Kylheku
1997-05-06 0:00 ` Robert A Duff
1997-05-07 0:00 ` Robert Dewar
1997-05-08 0:00 ` John G. Volan
1997-05-10 0:00 ` Robert Dewar
1997-05-10 0:00 ` John G. Volan
1997-05-11 0:00 ` Robert Dewar
1997-05-11 0:00 ` John G. Volan
1997-05-11 0:00 ` Robert A Duff
1997-05-12 0:00 ` John G. Volan
1997-05-12 0:00 ` Robert Dewar
1997-05-11 0:00 ` John G. Volan
1997-05-11 0:00 ` Robert Dewar
1997-05-12 0:00 ` John G. Volan
1997-05-12 0:00 ` Robert Dewar
1997-05-17 0:00 ` Robert I. Eachus
[not found] ` <dewar.863877808@merv>
1997-05-17 0:00 ` Robert Dewar
1997-05-17 0:00 ` Jon S Anthony
1997-05-21 0:00 ` Syntax for tagged record types (was Re: Not intended for use in medical,) Ben Brosgol
1997-05-20 0:00 ` Matthew Heaney
1997-05-21 0:00 ` Jon S Anthony
1997-05-21 0:00 ` Matthew Heaney
1997-05-22 0:00 ` Robert I. Eachus
1997-05-25 0:00 ` Matthew Heaney
1997-05-28 0:00 ` Robert I. Eachus
1997-05-23 0:00 ` Jon S Anthony
1997-05-23 0:00 ` Matthew Heaney
1997-05-25 0:00 ` Jon S Anthony
1997-05-28 0:00 ` Syntax for tagged record types (was Re David Kristola
1997-05-23 0:00 ` Syntax for tagged record types (was Re: Not intended for use in medical,) Simon Wright
1997-05-21 0:00 ` Syntax for tagged record types and class types Mats Weber
1997-05-21 0:00 ` Matthew Heaney
1997-05-22 0:00 ` Mats Weber
1997-05-27 0:00 ` Tucker Taft
1997-05-30 0:00 ` Mats.Weber
1997-05-22 0:00 ` Samuel A. Mize
1997-05-22 0:00 ` Samuel A. Mize
1997-05-23 0:00 ` Mats Weber
[not found] ` <mheaney-ya023680002005972314260001@news.ni.net <mheaney-ya023680002105972302430001@news.ni.net>
1997-05-22 0:00 ` Syntax for tagged record types (was Re: Not intended for use in medical,) Robert A Duff
1997-05-22 0:00 ` John G. Volan
1997-05-23 0:00 ` Matthew Heaney
1997-05-23 0:00 ` Jon S Anthony
1997-05-23 0:00 ` Matthew Heaney
1997-05-25 0:00 ` Robert Dewar
1997-05-25 0:00 ` Jon S Anthony
1997-05-27 0:00 ` Ray Blaak
1997-05-23 0:00 ` John G. Volan
1997-05-24 0:00 ` Robert A Duff
1997-05-24 0:00 ` Matthew Heaney
1997-05-28 0:00 ` Robert I. Eachus
1997-05-25 0:00 ` Jon S Anthony
1997-05-23 0:00 ` Jon S Anthony
1997-05-12 0:00 ` Not intended for use in medical, John G. Volan
1997-05-12 0:00 ` Language Design Mistakes (was "not intended...") W. Wesley Groleau (Wes)
1997-05-13 0:00 ` Robert Dewar
1997-05-13 0:00 ` W. Wesley Groleau (Wes)
1997-05-13 0:00 ` Robert A Duff
1997-05-14 0:00 ` Robert Dewar
1997-05-08 0:00 ` Not intended for use in medical, Robert A Duff
1997-05-09 0:00 ` Robert I. Eachus
1997-05-11 0:00 ` Robert Dewar
1997-05-11 0:00 ` Matthew Heaney
1997-05-12 0:00 ` Robert Dewar
1997-05-12 0:00 ` Matthew Heaney
1997-05-13 0:00 ` Jon S Anthony
1997-05-13 0:00 ` Matthew Heaney
1997-05-14 0:00 ` Robert Dewar
1997-05-14 0:00 ` Robert Dewar
1997-05-14 0:00 ` Robert Dewar
1997-05-15 0:00 ` W. Wesley Groleau (Wes)
1997-05-14 0:00 ` Robert Dewar
1997-05-14 0:00 ` Nick Roberts
1997-05-12 0:00 ` Robert I. Eachus
1997-05-13 0:00 ` Robert Dewar
1997-05-14 0:00 ` Nick Roberts
1997-05-14 0:00 ` Robert Dewar
[not found] ` <01bc6182$30e3a7c0$LocalHost@xhv46.dial.pipex.com>
1997-05-16 0:00 ` Robert A Duff
1997-05-16 0:00 ` Robert I. Eachus
1997-05-18 0:00 ` Nick Roberts
1997-05-18 0:00 ` Matthew Heaney
1997-05-19 0:00 ` Robert I. Eachus
1997-05-19 0:00 ` Matthew Heaney
1997-05-20 0:00 ` Nick Roberts
1997-05-20 0:00 ` Matthew Heaney
1997-05-21 0:00 ` Dale Stanbrough
1997-05-19 0:00 ` Robert A Duff
1997-05-16 0:00 ` Robert Dewar
1997-05-08 0:00 ` Kaz Kylheku
1997-05-08 0:00 ` Robert Dewar
1997-05-09 0:00 ` Kaz Kylheku
1997-05-12 0:00 ` W. Wesley Groleau (Wes)
1997-05-12 0:00 ` John G. Volan
1997-05-14 0:00 ` Nick Roberts
1997-05-14 0:00 ` Robert Dewar
1997-05-14 0:00 ` Jeff Carter
[not found] ` <dewar.863632434@merv>
1997-05-15 0:00 ` Kaz Kylheku
1997-05-18 0:00 ` Robert Dewar
1997-05-15 0:00 ` Kaz Kylheku
1997-05-07 0:00 ` Kaz Kylheku
1997-05-08 0:00 ` Robert A Duff
-- strict thread matches above, loose matches on Subject: below --
1997-04-25 0:00 Robert C. Leif, Ph.D.
1997-05-12 0:00 Marin David Condic, 561.796.8997, M/S 731-93
1997-05-13 0:00 ` Robert Dewar
1997-05-14 0:00 Marin David Condic, 561.796.8997, M/S 731-93
1997-05-14 0:00 tmoran
1997-05-14 0:00 Marin David Condic, 561.796.8997, M/S 731-93
1997-05-19 0:00 Robert C. Leif, Ph.D.
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox