Re: Ada safety road Was: Which is right ...

[swhalen@netcom.com]

Robert Dewar (robert_dewar@my-deja.com) wrote:
: 
: There is a big difference between high integrity software
: (yes, most certainly safety critical is a little too
: restrictive) and the general notion of reliable software.
: 
: All software should be written in a reliable manner, and using
: techniques that promote reliability.
: 
: The danger of making the jump from high integrity to...
[snip]
: I have more than once run into situations where people write
: a chunk of a program in C because some nitwit manager has
: forbidden the use of (e.g.) unchecked conversion completely.

Many excellent points and much useful information in this thread.

I agree with those who believe that the 359 document should be
"pushed" more widely in the Ada community.

I take your point that over emphasis of "high integrity" processes
like those described in the 359 document can lead to unintended
consequences or needless expense or even failed projects.

However, in many systems there are portions of the system that MUST be
more reliable and robust and trusted than the rest of the system. The
techniques and processes described in the "high integrity" document
may be entirely appropriate for a small portion of a larger system.

By applying the "high integrity" processes and $$$ to a small portion
of a larger system, you can greatly increase overall reliablity and
improve the value of the system, even if the system is not in one of
the categories of systems we typically think of as requiring "high
integrity".

Steve

-- 
{===--------------------------------------------------------------===}
                Steve Whalen     swhalen@netcom.com
{===--------------------------------------------------------------===}