From: Robert Dewar
Subject: Re: Is an RTOS Required for Ada?
Date: 1999/06/09
Message-ID: <7jmn98$vs1$1@nnrp1.deja.com>#1/1
References: <373B2927.7B22F898@pop.safetran.com> <19990514155120.03860.00000396@ng-cr1.aol.com> <7hmc18$jr6$1@nnrp1.deja.com> <7i1b7p$3nb$1@nnrp1.deja.com> <7ifapi$lf1$1@nnrp1.deja.com>
Organization: Deja.com - Share what you know. Learn what you don't.
Newsgroups: comp.lang.ada

In article , Robert A Duff wrote:
> The question was why is a no-run-time-system implementation of
> Ada better for safety-critical applications. I don't think
> Robert Dewar and George Romanski have answered it in the
> technical sense. They both seemed to be saying, "because the
> standards say so". Well, that's a reason, but it's not a
> *technical* reason.

The point is that safety-critical systems must be certified. Certification implies many things.

No one said that a no-run-time system is better for SC applications, and I seriously doubt George would agree, seeing as Aonix is in the business of selling certified runtimes for this purpose!

The point is that given the certification requirement, the no-run-time approach is a practical one for meeting the requirements in a cost effective manner. Notice I say "a" practical one, not "the only" practical one.

I think Bob is confused into thinking that the only requirement for an SC system is that it work reliably.
Well that is not the case, it has to be SEEN and BELIEVED to work reliably by those who acquire it, and it is for this that certification is required.

Sure, you can take issue with the particular requirements of certification if you like (although you need to know quite a bit about the field to do so in an informed manner), but given the current certification requirements, and in particular the fact that you cannot certify code after the fact, this approach makes sense.

Is this a technical requirement? I am not quite sure what that means. Given that the specification *requires* certification according to a standard, I would say that it is indeed a technical requirement that any implementation approach adhere to these certification requirements. If for you technical is narrowly restricted to the idea of code and whether it works or not, that is simply far too restricted a notion to be useful in a safety critical context.