Re: Porting ADA source

["Robert I. Eachus" <rieachus@comcast.net>]

Marin David Condic wrote:

> Maybe its time to dredge out the "Tower Of Babel" analogy once again? 
> Large efforts that involve lots of people and complicated decisions seem 
> to be very hard to do and sometimes become impossible. They never go 
> forward without errors. People always have their own styles and agendas 
> they try to impose on the project. No two engineers are going to agree 
> 100% of the time on the relative merits of various design decisions. 
> People will always misuse tools. Maybe that's a gas law or a "Y = MX + 
> B" kind of aspect of the universe. Ada rather deliberately set itself 
> the goal of trying to overcome the Tower Of Babel syndrome - maybe there 
> is some hubris in there?

No.  Hubris would be asserting that MY work is perfect and I don't need 
code reviews and test plans.  Having a goal of zero defects is not 
hubris, it is good (software) engineering.  With physical products, 
expecting that every widget will be perfect may result in 
overengineering.  But with software, if you have any major defects in 
the final product, the yield is zero.  So when the alternatives are 100% 
good software and 0%, the only goal that makes sense is to eliminate all 
bugs.

 From long personal experience, with Ada it is possible to have residual 
defect levels under one bug per thousand SLOC after unit test.  One 
residual bug per 10,000 SLOC is often possible, but it can only be a 
goal not a requirement.  (If you want the requirement to be zero 
residual bugs after unit test, use SPARK.  There are always some system 
level bugs that can't be caught during unit test.  The SPARK Examiner 
should catch most of these during software integration.)

If you have less than one bug per thousand SLOC, you can realistically 
expect to find and fix all remaining bugs during system test.  Also from 
painful experience, if the residual bug rate going into system test is 
above 1 per 100 SLOC (or 10 per KSLOC, which sounds worse ;-) you can't 
afford to find and fix all the bugs.  It literally is cheaper to throw 
the code away and start over if you need high quality software.

This should all be Software Engineering 101, and taught to 
undergraduates.  Unfortunately, most software engineering has to be 
learned either on the job, or in grad school after having a couple
years of industry experience.  Maybe what we need is a Software 
Economics 101 course for undergraduates in computer science AND management.

Fortunately SPARK seems to be catching on for software where reliability 
is a requirement.  However, there are times when you need more 
expressive power than SPARK currently allows, and of course, SPARK could 
not exist without a wider Ada community.

-- 

                                           Robert I. Eachus

"The flames kindled on the Fourth of July, 1776, have spread over too 
much of the globe to be extinguished by the feeble engines of despotism; 
on the contrary, they will consume these engines and all who work them." 
-- Thomas Jefferson, 1821