* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
@ 2010-12-18 10:11 ` Midoan
2010-12-18 10:49 ` Manuel Gomez
` (7 subsequent siblings)
8 siblings, 0 replies; 15+ messages in thread
From: Midoan @ 2010-12-18 10:11 UTC (permalink / raw)
On Dec 16, 6:45 pm, Rolf <rolf.ebert_nosp...@gmx.net> wrote:
> The upcoming ISO 26262 highly recommends "enforcement of strong
> typing" [1]. There is a corresponding footnote saying " The objective
> [...] is to impose principles of strong typing where these are not
> inherent in the language".
>
> Does anybody know if Ada has ever been used (in ECU series production)
> in an automotive application. Can you provide a reference?
>
> How do you achieve the "principles of strong typing" using C?
>
> Rolf
>
> [1] ISO DIS 26262-6, 2009
> --
> comp.lang.c.moderated - moderation address: c...@plethora.net -- you must
> have an appropriate newsgroups line in your header for your mail to be seen,
> or the newsgroup name in square brackets in the subject line. Sorry.
[This is a repost]
The MISRA C guidelines, if they are complied with, do impose stronger
typing on C code (with its restrictions on type declarations and
stricter conversions rules).
So it is possible to "impose principles of strong typing where these
are not inherent in the language" for C.
Of course that sentence would not be there in the standard if the
MISRA C guidelines did not exist.
Regards,
David
---
Midoan Software Engineering Solutions
! check out our new videos on automatic test inputs generation from
Ada on www.midoan.com/mika.html
* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
2010-12-18 10:11 ` Midoan
@ 2010-12-18 10:49 ` Manuel Gomez
2010-12-18 11:00 ` Manuel Gomez
2010-12-24 19:11 ` Dmitry A. Kazakov
` (6 subsequent siblings)
8 siblings, 1 reply; 15+ messages in thread
From: Manuel Gomez @ 2010-12-18 10:49 UTC (permalink / raw)
I remember reading that Saab uses Ada in some context. Searching Ada
Saab I found this reference:
http://www.militaryaerospace.com/index/display/mae-defense-executive-article-display/311897/articles/military-aerospace-electronics/executive-watch/rti-works-with-saab-to-integrate-ada-compiler-with-real-time-middleware.html
On Dec 16, 7:45 pm, Rolf <rolf.ebert_nosp...@gmx.net> wrote:
> The upcoming ISO 26262 highly recommends "enforcement of strong
> typing" [1]. There is a corresponding footnote saying " The objective
> [...] is to impose principles of strong typing where these are not
> inherent in the language".
>
> Does anybody know if Ada has ever been used (in ECU series production)
> in an automotive application. Can you provide a reference?
>
> How do you achieve the "principles of strong typing" using C?
>
> Rolf
>
* Re: safety critical automotive software
2010-12-18 10:49 ` Manuel Gomez
@ 2010-12-18 11:00 ` Manuel Gomez
0 siblings, 0 replies; 15+ messages in thread
From: Manuel Gomez @ 2010-12-18 11:00 UTC (permalink / raw)
In fact, it doesn't say anything about automobiles, so probably Saab
here means the aerospace and defence division, which I didn't know
before digging into this subject.
On Dec 18, 11:49 am, Manuel Gomez <mgr...@gmail.com> wrote:
> I remember reading that Saab uses Ada in some context. Searching Ada
> Saab I found this reference:http://www.militaryaerospace.com/index/display/mae-defense-executive-...
>
> On Dec 16, 7:45 pm, Rolf <rolf.ebert_nosp...@gmx.net> wrote:
>
> > The upcoming ISO 26262 highly recommends "enforcement of strong
> > typing" [1]. There is a corresponding footnote saying " The objective
> > [...] is to impose principles of strong typing where these are not
> > inherent in the language".
>
> > Does anybody know if Ada has ever been used (in ECU series production)
> > in an automotive application. Can you provide a reference?
>
* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
2010-12-18 10:11 ` Midoan
2010-12-18 10:49 ` Manuel Gomez
@ 2010-12-24 19:11 ` Dmitry A. Kazakov
2010-12-24 19:13 ` Midoan
` (5 subsequent siblings)
8 siblings, 0 replies; 15+ messages in thread
From: Dmitry A. Kazakov @ 2010-12-24 19:11 UTC (permalink / raw)
On Thu, 16 Dec 2010 12:45:05 -0600 (CST), Rolf wrote:
> The upcoming ISO 26262 highly recommends "enforcement of strong
> typing" [1]. There is a corresponding footnote saying " The objective
> [...] is to impose principles of strong typing where these are not
> inherent in the language".
>
> Does anybody know if Ada has ever been used (in ECU series production)
> in an automotive application.
Not to my knowledge.
> How do you achieve the "principles of strong typing" using C?
AFAIK, they don't care.
Then I guess that the recommendation does not really mandate or even mean
*application* of strong typing in the software design. I.e. you could be
free to deploy int8, unsigned16 instead of meaningful user-defined numeric
data types of domain specific ranges and defined behavior. So "principles
of strong typing" in C could simply mean treating warnings about comparing
signed with unsigned ints as errors.
--
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
` (2 preceding siblings ...)
2010-12-24 19:11 ` Dmitry A. Kazakov
@ 2010-12-24 19:13 ` Midoan
2010-12-24 19:13 ` Peter C. Chapin
` (4 subsequent siblings)
8 siblings, 0 replies; 15+ messages in thread
From: Midoan @ 2010-12-24 19:13 UTC (permalink / raw)
On Dec 16, 6:45 pm, Rolf <rolf.ebert_nosp...@gmx.net> wrote:
> The upcoming ISO 26262 highly recommends "enforcement of strong
> typing" [1]. There is a corresponding footnote saying " The objective
> [...] is to impose principles of strong typing where these are not
> inherent in the language".
>
> Does anybody know if Ada has ever been used (in ECU series production)
> in an automotive application. Can you provide a reference?
>
> How do you achieve the "principles of strong typing" using C?
>
> Rolf
>
> [1] ISO DIS 26262-6, 2009
The MISRA C guidelines, if they are complied with, do strengthen type
checking in C (e.g. rules about types and conversion rules). So I
guess you could say that they do "impose principles of strong typing
where these are not inherent in the language".
Of course that sentence would not have been there if MISRA C did not
exist ...
Regards,
David
---
Midoan Software Engineering Solutions
check out our new automatic test inputs generation videos for Ada at
www.midoan.com/mika.html
* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
` (3 preceding siblings ...)
2010-12-24 19:13 ` Midoan
@ 2010-12-24 19:13 ` Peter C. Chapin
2010-12-24 19:14 ` ebaychatter
` (3 subsequent siblings)
8 siblings, 0 replies; 15+ messages in thread
From: Peter C. Chapin @ 2010-12-24 19:13 UTC (permalink / raw)
On 2010-12-16 13:45, Rolf wrote:
> How do you achieve the "principles of strong typing" using C?
There are tools that enforce a stronger type model on C code than the
compiler does. I believe PC-Lint, for example, can produce warnings
about all implicit conversions and can treat typedefs as new types. I
don't believe it allows you to define range constraints, or anything
else requiring run time checking, but if used aggressively it can bring
a higher degree of discipline to C code than usual.
I'm sure there are other tools that can do similar things.
Peter
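The replies from Midoan, Dmitry A. Kazakov and Peter C. Chapin above circle the same idea: MISRA C restricts type declarations and conversions, a checker can treat typedefs as new types, and the alternative to bare int8/unsigned16 is a domain-specific type with a defined range. The C below is an added example, not code from any poster, from MISRA C or from ISO 26262; it shows how far the C compiler itself can be pushed toward that discipline without any external tool. Single-member structs stand in for distinct types (a plain typedef is only an alias and does not stop mixing), and range checks live in explicit constructors, which is the explicit stand-in for the range constraint an Ada subtype gives you for free. Every type name, range and function here is an assumption chosen for illustration.

```c
/* Emulating "principles of strong typing" in plain C.
   Added example: the types, ranges and function names are assumptions
   for illustration, not taken from MISRA C, ISO 26262 or any ECU code. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* A typedef is only an alias: the compiler will silently mix these two. */
typedef int16_t speed_kph_alias;
typedef int16_t engine_rpm_alias;

/* A single-member struct is a genuinely distinct type: passing a speed
   where an rpm is expected is a compile-time error, not a warning. */
typedef struct { int16_t v; } speed_kph;
typedef struct { uint16_t v; } engine_rpm;

/* Domain ranges (assumed values), enforced at the only construction point. */
#define SPEED_KPH_MIN  (-50)
#define SPEED_KPH_MAX  (400)
#define ENGINE_RPM_MAX (9000u)

/* Constructors refuse out-of-range input instead of producing a wrapped or
   truncated value; the narrowing conversion is explicit and documented. */
static bool make_speed_kph(int32_t raw, speed_kph *out)
{
    if (raw < SPEED_KPH_MIN || raw > SPEED_KPH_MAX) {
        return false;
    }
    out->v = (int16_t)raw;
    return true;
}

static bool make_engine_rpm(int32_t raw, engine_rpm *out)
{
    if (raw < 0 || (uint32_t)raw > ENGINE_RPM_MAX) {
        return false;
    }
    out->v = (uint16_t)raw;
    return true;
}

/* Range checks exposed on raw values, for diagnostics and tests. */
static bool speed_kph_valid(int32_t raw)  { speed_kph t;  return make_speed_kph(raw, &t); }
static bool engine_rpm_valid(int32_t raw) { engine_rpm t; return make_engine_rpm(raw, &t); }

/* Operations are defined per type, so there is no arithmetic or comparison
   between unrelated quantities unless someone writes it deliberately. */
static bool speed_above_limit(speed_kph s, speed_kph limit)
{
    return s.v > limit.v;
}

static bool rpm_in_redline(engine_rpm r, engine_rpm redline)
{
    return r.v >= redline.v;
}

/* A signed threshold against an unsigned quantity goes through one helper
   that handles the sign explicitly, rather than relying on C's usual
   arithmetic conversions at every call site. */
static bool rpm_at_least(engine_rpm r, int32_t threshold)
{
    if (threshold < 0) {
        return true;                 /* every rpm value is >= a negative number */
    }
    return (uint32_t)r.v >= (uint32_t)threshold;
}

int main(void)
{
    speed_kph s, limit;
    engine_rpm r, red;

    if (!make_speed_kph(130, &s) || !make_speed_kph(120, &limit)) return 1;
    if (!make_engine_rpm(6500, &r) || !make_engine_rpm(6000, &red)) return 1;

    printf("speed over limit: %d\n", speed_above_limit(s, limit));
    printf("rpm in redline:   %d\n", rpm_in_redline(r, red));
    printf("-1 rpm rejected:  %d\n", !engine_rpm_valid(-1));

    /* This is the point of the struct wrappers; uncommenting either line
       of the first pair fails to compile, while the alias pair compiles:
       speed_above_limit(s, r);
       rpm_in_redline(red, limit);
       speed_kph_alias a = 1; engine_rpm_alias b = a; (void)b;             */
    return 0;
}
```

Compiled with -Wall -Wextra -Wconversion -Wsign-compare, the struct versions give errors for mixed arguments while the typedef aliases pass silently, which is exactly the gap that MISRA rules or a lint configured to treat typedefs as distinct types are meant to close.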
* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
` (4 preceding siblings ...)
2010-12-24 19:13 ` Peter C. Chapin
@ 2010-12-24 19:14 ` ebaychatter
2010-12-24 19:16 ` Paul Colin Gloster
` (2 subsequent siblings)
8 siblings, 0 replies; 15+ messages in thread
From: ebaychatter @ 2010-12-24 19:14 UTC (permalink / raw)
On Dec 16, 6:45 pm, Rolf <rolf.ebert_nosp...@gmx.net> wrote:
> The upcoming ISO 26262 highly recommends "enforcement of strong
> typing" [1]. There is a corresponding footnote saying " The objective
> [...] is to impose principles of strong typing where these are not
> inherent in the language".
>
> Does anybody know if Ada has ever been used (in ECU series production)
> in an automotive application. Can you provide a reference?
>
> How do you achieve the "principles of strong typing" using C?
>
> Rolf
>
> [1] ISO DIS 26262-6, 2009
DON'T FEED THE TROLL. Go buy an Ada car.
* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
` (5 preceding siblings ...)
2010-12-24 19:14 ` ebaychatter
@ 2010-12-24 19:16 ` Paul Colin Gloster
2010-12-24 19:16 ` Paul Colin Gloster
2011-01-07 21:40 ` Walter Banks
8 siblings, 0 replies; 15+ messages in thread
From: Paul Colin Gloster @ 2010-12-24 19:16 UTC (permalink / raw)
Rolf <rolf.ebert_nospam_@gmx.net> sent on December 16th, 2010:
|----------------------------------------------------------------------|
|"[..] |
| |
|Does anybody know if Ada has ever been used (in ECU series production)|
|in an automotive application. Can you provide a reference? |
| |
|[..]" |
|----------------------------------------------------------------------|
Ask Zoe Ellen Brain and Peter Dencker.
* Re: safety critical automotive software
2010-12-16 18:45 safety critical automotive software Rolf
` (7 preceding siblings ...)
2010-12-24 19:16 ` Paul Colin Gloster
@ 2011-01-07 21:40 ` Walter Banks
2011-01-09 17:09 ` Gerd
2011-02-23 3:32 ` ebaychatter
8 siblings, 2 replies; 15+ messages in thread
From: Walter Banks @ 2011-01-07 21:40 UTC (permalink / raw)
Rolf wrote:
> The upcoming ISO 26262 highly recommends "enforcement of strong
> typing" [1]. There is a corresponding footnote saying " The objective
> [...] is to impose principles of strong typing where these are not
> inherent in the language".
>
> Does anybody know if Ada has ever been used (in ECU series production)
> in an automotive application. Can you provide a reference?
As far as I know, Ada has not ever been used. I am familiar
with most of the current ECUs and almost all are using the
same parts implemented in C with some of the
ISO/IEC 18037 additions.
> How do you achieve the "principles of strong typing" using C?
Each of the automotive companies has internal design rules
that are company-mandated. I am generally impressed by the degree
to which automotive coding standards are maintained. MISRA is often
looked at as a set of guidelines, but most automotive companies
use MISRA as one of many sources for their internal standards.
Regards,
Walter..
--
Walter Banks
Byte Craft Limited
http://www.bytecraft.com