Re: RATIONAL TESTMATE for ADA Testing - Any experiences to share ?

[Robert Dewar <robert_dewar@my-dejanews.com>]

In article <7id9ss$r41$1@ins8.netins.net>,
  "Brian Collins" <bjcollin@hotmail.com> wrote:
> Robert,
>
> Having a validated compiler, as I think
> you mean the word, is important to say that functionally the
> compiler will produce the correct code, but that is only a
> very minor step.

I know perfectly well what is involved in verification of
safety-critical code, but I am afraid you miss my point.

Validation of the compiler does NOT "say" that "functionally
the compiler will produce the correct code". Validation of
a compiler is neither necessary nor sufficient to make such
a guarantee.

That was my point, I am always worried that people read more
into validation than is there, and the folks who REALLY know
what verification is about are all too quick to assume that
precisely that validation means that you have this assurance.
it does not, it merely means that a set of tests have passed.
These tests are *entirely* black box tests, so nothing like
coverage or branch testing of the compiler is assured by the
fact that it passes the ACVC tests.

Robert Dewar

P.S. Here at Ada Core Technologies, we are indeed quite aware
of what is involved in certifying and verifying code. That is
why our approach to safety-critical systems is to provide GNORT,
a version of GNAT with absolutely no run-time at all (which
means we don't have to certify our run-time!)



--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---