comp.lang.ada
From: Robert Dewar <robert_dewar@my-deja.com>
Subject: Re: Is an RTOS Required for Ada?
Date: 1999/06/09
Message-ID: <7jmn98$vs1$1@nnrp1.deja.com>
In-Reply-To: wccn1y9i9f2.fsf@world.std.com

In article <wccn1y9i9f2.fsf@world.std.com>,
  Robert A Duff <bobduff@world.std.com> wrote:

> The question was why is a no-run-time-system implementation of
> Ada better for safety-critical applications.  I don't think
> Robert Dewar and George Romanski have answered it in the
> technical sense.  They both seemed to be saying, "because the
> standards say so".  Well, that's a reason, but it's not a
> *technical* reason.

The point is that safety-critical systems must be certified.
Certification implies many things.

No one said that a no-run-time system is better for SC
applications, and I seriously doubt George would agree,
seeing as Aonix is in the business of selling certified
runtimes for this purpose!

The point is that given the certification requirement, the
no-run-time approach is a practical one for meeting the
requirements in a cost effective manner. Notice I say "a"
practical one, not "the only" practical one.

I think Bob is confused into thinking that the only requirement
for an SC system is that it work reliably. Well that is not the
case, it has to be SEEN and BELIEVED to work reliably by those
who acquire it, and it is for this that certification is
required.

Sure, you can take issue with the particular requirements of
certification if you like (although you need to know quite a bit
about the field to do so in an informed manner), but given the
current certification requirements, and in particular the fact
that you cannot certify code after the fact, this approach makes
sense.

Is this a technical requirement? I am not quite sure what that
means. Given that the specification *requires* certification
according to a standard, I would say that it is indeed a
technical requirement that any implementation approach adhere to
these certification requirements.

If for you technical is narrowly restricted to the idea of
code and whether it works or not, that is simply far too
restricted a notion to be useful in a safety critical
context.



