From mboxrd@z Thu Jan 1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: **
X-Spam-Status: No, score=2.1 required=5.0 tests=BAYES_20,INVALID_MSGID,
	REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,a3ca574fc2007430
X-Google-Attributes: gid103376,public
X-Google-Thread: 115aec,f41f1f25333fa601
X-Google-Attributes: gid115aec,public
From: ken@nrtt.demon.co.uk (Ken Tindell)
Subject: Re: Ada and Automotive Industry
Date: 1996/12/05
Message-ID: #1/1
X-Deja-AN: 202487759
distribution: world
x-nntp-posting-host: nrtt.demon.co.uk
references: <55ea3g$m1j@newsbf02.news.aol.com> <3280DA96.15FB@hso.link.com> <32A46EE6.82F@east.thomsoft.com>
organization: Northern Real-Time Technologies Ltd.
reply-to: ken@nrtt.demon.co.uk
newsgroups: comp.lang.ada,comp.realtime
Date: 1996-12-05T00:00:00+00:00
List-Id:

In article <32A46EE6.82F@east.thomsoft.com> George Romanski wrote:

> Ada is safe in practice. Having been involved with the development
> and verification of Nuclear Shut-down systems, Flight control systems,
> automatic brake control systems and so on I understand the requirements
> of software verification and the costs associated with demonstrating
> this to the certification authorities.
>
> I feel confident of this with Ada, verifying C code scares me silly.

The following two publications are interesting in this context:

Hutcheon et al., "A Study of High Integrity Ada: Analysis of Ada Programs", MOD reference SLS31c/73-2-D, York Software Engineering and British Aerospace.

Les Hatton, "Safer C: developing software for high-integrity and Safety-critical systems", McGraw-Hill, 1994