Message-ID: <3FED9286.5050800@noplace.com>
From: Marin David Condic
Newsgroups: comp.lang.ada
Subject: Re: Other Ada Standards (was Re: SIGada Conference)
References: <468D78E4EE5C6A4093A4C00F29DF513D04B82B08@VS2.hdi.tvcabo> <3FE991DD.5060301@noplace.com> <3FEA5C82.8050309@noplace.com> <3FEB047A.1040100@noplace.com>
Date: Sat, 27 Dec 2003 14:09:25 GMT

Not many developers have experience with formal verification. They tend to see only the code change and not all the effort that needs to go into testing and verification the instant you flip a single bit in an image.

I once had a customer ask me "Can you guarantee me that if you change a single word in memory that it won't blow up my billion dollar payload?" On reflection, I wasn't willing to bet a billion of his dollars on my *guess* that there wasn't some corner-case or unusual condition that might make a simple change of a constant blow up the rocket. That's why we test and that gets expensive.

A compiler is probably not so dangerous as a rocket engine control, but failure to pass validation because some "trivial" change had some subtle problem that the original programmer didn't understand is a) expensive and b) embarrassing to a company's reputation. That's why on important software there is no such thing as a "trivial" change.

MDC

Georg Bauhaus wrote:
>
> (And You seem to have access to a fast machine when it translates
> a compiler and runs all tests within 10 minutes, in all required
> configurations. Provided the tests have been written within the
> 30 minutes allocated for the implementation of the language change. :-)
>

--
======================================================================
Marin David Condic
I work for: http://www.belcan.com/
My project is: http://www.jsf.mil/NSFrames.htm

Send Replies To: m o d c @ a m o g
                 c n i c . r

"Face it ladies, it's not the dress that makes you look fat.
It's the FAT that makes you look fat."

-- Al Bundy
======================================================================