From: Robert Dewar
Subject: Re: Ada safety road Was: Which is right ...
Date: 1999/06/13
Message-ID: <7jvakl$nqi$1@nnrp1.deja.com>
Newsgroups: comp.lang.ada
Organization: Deja.com - Share what you know. Learn what you don't.

In article <929221844.567.59@news.remarQ.com>,
  "Vladimir Olensky" wrote:
>
> Robert Dewar wrote in message <7jsdkf$v3p$1@nnrp1.deja.com>...
> >In article <929128919.557.95@news.remarQ.com>,
> >  "Vladimir Olensky" wrote:
> >> I was talking exactly about such kind of document (may be more
> >> comprehensive though).
> >
> >I am really not sure how this document could be more
> >comprehensive. Perhaps you miss the point, which is that
> >it is VERY specifically aimed at safety critical programming
> >in Ada, and is not for a moment a general style document.
> >
> >In fact safety-critical programming is a rather specialized
> >area, so although I agree this document is very valuable,
> >I am not quite sure I share your view of its universal
> >applicability!
>
> Please read more carefully other people's posts prior to making
> claims that someone has missed the point.
> Many people have heard this more than once :-(
> It seems that we have here one person who thinks that he never
> misses the point :-)
> Let's join the club :-)
>
> As a matter of fact I was talking "about such kind of document" that I had
> in mind when I did not know about N359.
> I could not agree that writing reliable software is a
> specialized area.
> Just the contrary, I think that this is a universal area.

There is a big difference between high integrity software (yes, most
certainly safety critical is a little too restrictive) and the general
notion of reliable software. All software should be written in a
reliable manner, and using techniques that promote reliability.

The danger of making the jump from high integrity to reliable with such
facility is that the next thing you know, managers decide that the kind
of restrictions that are suggested in the HRG document are appropriate
for general purpose programming if "reliability" is important. Since
reliability is ALWAYS important, this will mean that we get more of the
disease of arbitrarily forbidding critical Ada constructs under the
illusion that it helps!

I have more than once run into situations where people write a chunk of
a program in C because some nitwit manager has forbidden the use of
(e.g.) unchecked conversion completely.

Vladimir, it was you who said you thought the HRG document could be
more comprehensive -- what did you mean? Remember that the HRG has a
very restrictive mandate. As its name implies, it is in the specific
business of looking at issues related to Annex H, the Safety and
Security annex of the standard.
It is not at all the case that the document at hand is in any sense a
general prescription for all Ada programming, and if people read it
with this (mis)understanding, then it is a pity, because this very
valuable (in context) document may end up resulting in some significant
negative effects.

So there's the question Vladimir -- to make your position VERY clear,
explain your criticism of the HRG document, namely that it is not
comprehensive, by giving examples where you think it is lacking.

My point of view is that this document is an excellent AND complete
summary statement of what is needed for high integrity programming in
Ada.