From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,313a106b8dd38f30 X-Google-Attributes: gid103376,public From: Ehud Lamm Subject: Re: RATIONAL TESTMATE for ADA Testing - Any experiences to share ? Date: 1999/05/26 Message-ID: #1/1 X-Deja-AN: 482582574 References: <374667df@news.compd.com> <7i99ls$lv$1@ins8.netins.net> <7i9du6$1a2$1@lure.pipex.net> <7ia9uj$30r$1@nnrp1.deja.com> <7id9ss$r41$1@ins8.netins.net> Content-Type: TEXT/PLAIN; charset=US-ASCII Organization: The hebrew University of Jerusalem Mime-Version: 1.0 Newsgroups: comp.lang.ada Date: 1999-05-26T00:00:00+00:00 List-Id: Hi 1) I for one would be happy to see some references about verification in the avionics world. Verification is a pet subject. You can email me if you want to answer and think the group will be bored to death. 2) I am not sure what exactly do you mean by "verifaction " "functionally" and "strcturaly". You surely don't mean "verifiaction" in the sense I am usually used to i.e., mathematically proven to abide to a formal specification (ala Z, temporal logic etc.) Do you? Ehud Lamm mslamm@pluto.mscc.huji.ac.il On Mon, 24 May 1999, Brian Collins wrote: > Robert, > > Depends on your definition of validation. In the Avionics wold, > compiler validation isn't such a big issue. The big issue is > verification, not validation. According to the FAA in numerous > volumes of references,which I shall not name here for the sake > of the groups sleeping habits, verification is very important. In > any given piece of equipment in an aircraft, every module and > line of software needs to be verified both functionally and even > structurally. This has to include all software in a piece of equipment > like a compiler Run-Time System (RTS) and any user written > control software as well. Having a validated compiler, as I think > you mean the word, is important to say that functionally the compiler > will produce the correct code, but that is only a very minor step. I am > not familiar with the product you named CSMART, but if it is ever > used in an avionics box then it has been verified both functionally > and structurally. So in essence you have to have validated products. > All depends on your definition of the terms of course. > > Brian Collins > brian.collins@www.mebbs.com > bjcollin@collins.rockwell.com > http://www.math.swt.edu/~rambo > > > > > Robert Dewar wrote in message <7ia9uj$30r$1@nnrp1.deja.com>... > >In article <7i9du6$1a2$1@lure.pipex.net>, > > "David Akister" wrote: > > > >> With the need for > >> validated compilers for safety-critical use this does make > >> life difficult. > > > >I find this a bit worrying for two reasons. > > > >1) I worry that people read more into validation than is > >appropriate. Validation is useful as one of many tests for > >compiler quality, but that is all. > > > >2) Safety critical applications are quite likely to be using > >an Ada subset like CSMART, which cannot possiblybe validated > >in any case. > > > >If the requirement for using a base compiler technology that > >is validated is just one of many requirements, then that is > >fine, but I have several times run into people who seem to > >think that this is > > > >a) a vital requirement (it is not) > > > >b) some kind of assurance of safety (it is not) > > > >With regard to Ada testing, a lot depends on what you are trying > >to achieve. Certainly you should be able to find coverage tools > >on the actual target you are running on,and there are also a > >number of test generation tools that are applicable to many > >different target environments. > > > >Robert Dewar > >Ada Core Technologies > > > > > >--== Sent via Deja.com http://www.deja.com/ ==-- > >---Share what you know. Learn what you don't.--- > > > >