From: WhiteR@no.spam.please.CRPL.Cedar-Rapids.lib.IA.US (Robert S. White)
Subject: Re: Safety-critical development in Ada and Eiffel
Date: 1997/07/11
Message-ID: <5q45af$kjs$1@flood.weeg.uiowa.edu>#1/1
Organization: If you have a good KTN then I might tell you.
Newsgroups: comp.object,comp.software-eng,comp.lang.ada,comp.lang.eiffel,comp.lang.c,comp.lang.c++

In article , gwinn@res.ray.com says...

...snip...

>However, there was a lot more to it than to say it was Ada: We were
>required to use a special safety-critical-code subset of Ada, which was
>*sharply* smaller than Ada83. (I no longer recall the details, but I
>could dig them up, given a week or three. It seems to me that it was a
>commercial product.)
>
>Perhaps aside from the strong typing, it was not clear just what was left
>that was particular to Ada, or why one couldn't do the same radical
>simplification to any language one might choose, to much the same effect.
>
>So, I don't know that I buy the theory that Ada83 or Ada95 is the only
>choice for safety-critical systems, as what survives isn't really either
>language, and one can do the same surgery on any reasonable language.

...snip...

Sorry Joe, I do not agree! Even if you strip down Ada 83 to a small subset you still benefit from a lot of the design requirements that went into the language. What really are your alternatives? C or Fortran? Neither is strongly typed. Modula 2 or Oberon? Not very widespread. Just _what_ is your alternative language of choice (subsetted) for safety critical applications?

Methinks you protest too much. Ada has worked out well for a number of years for safety critical applications in avionics and other embedded real time control applications. What _IS_ the alternate _BETTER_ language of choice?

I have been implementing software solutions in industry since 1978 so I think I qualify as an equal curmudgeon to yourself as far as what works and what does not work. No silver bullets, although a good problem domain understanding, actual software _design_ with peer reviews, and software inspections with checklists, and finally low level whitebox software module tests (along with final qual tests to requirements) work best for safety-critical software. Ada is still an aid, IMO, for the end safety-critical objective.

Eiffel has yet to prove its advantages to me. I agree with Ken, most of the Eiffel type assertions can also be done in Ada. Esp. GNAT Ada95.

_____________________________________________________________________
Robert S. White -- An embedded systems software engineer