From: "Robert I. Eachus" <rieachus@comcast.net>
Subject: Re: "Tracking the Blackout bug"
Date: Wed, 14 Apr 2004 10:20:14 -0400
Date: 2004-04-14T10:20:14-04:00 [thread overview]
Message-ID: <Ac-dndtEMIEC1eDdRVn-uA@comcast.com> (raw)
In-Reply-To: <c56hpq$2onduq$1@ID-69815.news.uni-berlin.de>
Peter Amey wrote:
> The developers did NOT do everything they could. They could have used
> the Ravenscar profile in Ada; they could use RavenSPARK; they could have
> done some model checking of the concurrent parts of the program. They
> did NOT test exhaustively because it is impossible (/exhaustingly/ I am
> willing to believe). And software doesn't HAVE to be cr*p!
I totally agree, using Ada to write the software would not have
prevented the problem, it just would have made it obvious. (Hmmm. How
do we handle an exception in the alert system?) Using SPARK of course,
would have prevented the problem. (If you can't prove it doesn't raise
exceptions or have race conditions, it isn't SPARK.)
--
Robert I. Eachus
"The terrorist enemy holds no territory, defends no population, is
unconstrained by rules of warfare, and respects no law of morality. Such
an enemy cannot be deterred, contained, appeased or negotiated with. It
can only be destroyed--and that, ladies and gentlemen, is the business
at hand." -- Dick Cheney
prev parent reply other threads:[~2004-04-14 14:20 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-09 5:59 "Tracking the Blackout bug" sk
2004-04-09 16:08 ` Peter Amey
2004-04-09 23:47 ` Mike Silva
2004-04-10 12:32 ` Mark Lorenzen
2004-04-14 14:20 ` Robert I. Eachus [this message]
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox