From: Mark Elson
Subject: Are un-validated compilers unsafe?
Date: 1999/04/25
Organization: SSL
Newsgroups: comp.lang.ada

This question was prompted by the fact that a new space project may be using GNAT in conjunction with an un-validated RTOS on the grounds that the combination is in widespread use and that GNAT is a "very good" compiler (also due to the abundance of developers as well as users). I was somewhat surprised that they could get away with this (although their requirement is more reliability than safety). Does this mean there is not much motivation for vendors to get their compilers validated these days?

In any case, does the fact that a compiler-OS-processor combination has not been validated mean that it is unsafe (or unreliable), i.e. that it is not suitable for use in safety-critical applications? I'm guessing, looking at a number of software safety requirements, that if you don't use a validated combination then the onus is on you to verify down to object code level, i.e. validation may save you work. I've had a look at the EDS site and the choice for embedded applications using Ada 95 seems restricted, especially with respect to the RTOS choice.
Are vendors not bothering to validate their compilers and OSs (or is it something that's done on demand, so additions are only likely to occur if a particular project can afford the validation)? Is obtaining validation an expensive exercise anyway? Do vendors subsidise it if a project chooses to go that route? Are there other means by which compiler/OS/target combinations get certified, or even proven by common use? Is there a list of such?

Many thanks for any replies. Sorry for all the questions - I'm new to Ada and safety-critical software.

-- 
Mark Elson