From: cpp@netcom.com (Robin Rowe)
Newsgroups: comp.lang.ada,comp.lang.c++,comp.lang.misc,comp.software-eng
Subject: Safety-Critical Survey (Results)
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
Date: Sun, 13 Nov 1994 22:34:10 GMT

SAFETY-CRITICAL SYSTEMS COMPUTER LANGUAGE SURVEY RESULTS
========================================================

Here are the results of my recent informal survey of computer languages
used in safety-critical embedded systems and other interesting systems.

In responses, Ada was by far the most popular language for these systems
followed by assembler. There is a list describing 722 Ada projects that
is available via ftp from the Ada Information Clearinghouse. The current
version is 213K in size (contact adainfo@ajpo.sei.cmu.edu). I did not
attempt to integrate that data into this report.

No assertion is intended here that any language is necessarily superior
to any other.

Aerospace:
---------
Allied Signal: ?
Boeing: Mostly Ada with assembler. Also: Fortran, Jovial, C, C++.
  Onboard fire extinguishers in PLM.
  777 seatback entertainment system in C++ with MFC (in development
  by Microsoft).
  757/767: approximately 144 languages used.
  747-400: approximately 75 languages used.
  777: approximately 35 languages used.
Boeing Defense & Space Group: (777 cabin mgmt. system in Ada?)
DAINA/Air Force: Aircraft mission manager in Ada.
Chandler Evans: Engine Control System in Ada (386 DOS).
Draper Labs/Army/NASA: Fault tolerant architecture in Ada/VHDL.
DuPont: ?
European Space Agency: mandates Ada for mission critical systems.
  ISO (Infrared Space Observatory)
  SOHO (Solar and Heliospheric Observatory)
  Huygens/Cassini (a joint ESA/NASA mission to Saturn)
  Companies involved:
    British Aerospace (Space Systems) - Bristol, UK
    Fokker Space Systems - Amsterdam, Holland
    Matra-Marconi Espace - Toulouse, France
    Saab - Sweden
    Logica - UK
    DASA - Germany
    MBB - Germany
Ford Aerospace: Spacecraft in Ada with assembler. GEOS and INSAT
  spacecraft in FORTRAN. (Ford Aerospace is now Space Systems/Loral.)
Hamilton-Standard: (777 air cowling icing protection system in Ada?).
Honeywell: Aircraft navigation data loader in C.
  (777 airplane information mgmt. system in Ada?)
Intermetrics/Houston: space shuttle cockpit real-time executive in
  Ada '83 with 80386 assembly
Lockheed Fort Worth: F-22 Advanced Tactical Fighter program in Ada 83
  (planning to move to Ada 94) with a very small amount in
  MIL-STD-1750A assembly. Maintain older safety-critical systems for
  the F-111 and F-16/F-16 variant airframes primarily done in JOVIAL.
NASA: Space station in Ada. (Sources differed on whether it was Ada
  only, or Ada with some C and assembler.)
NASA Lewis: March 1994 space shuttle experiment in C++ on 386.
Northrop: B2 bomber control in C++.
Rockwell Space Systems Div.: Space shuttle in HAL/S and Ada.
  Defense Initiative in Ada. Other systems in Ada and C.
Space Systems/Loral: Spacecraft in Ada with assembler.
Teledyne: Aircraft flight data recorder in C.
TRW/Air Force: Realtime avionics OS in Ada.
Wilcox Electric: Navigation aids in C prior to 1990, Ada after.
  VOR-DME in Ada. Microwave landing system in Ada.
  Wide Area GPS in C and C++.

Air Traffic Control:
-------------------
Hughes: Canadian ATC system in Ada.
Loral FSD: U.S. ATC system in Ada.
Thomson-CSF SDC: French ATC system in Ada.

Land Vehicles:
-------------
Bosch: Diesel engine controls in C. (Other systems generally in C?)
Delco: Engine controls and ABS in 68C series (Motorola) assembler.
  C++ used for data acquisition in GM research center.
  '93+ GM trucks vehicle controllers mostly in Modula-GM
  (Modula-GM is a variant of Modula-2. A typical 32-bit integrated
  vehicle controller may control the engine, the transmission, the
  ABS system, the Heating/AC system, as well as the associated
  integrated diagnostics and off-board communications systems.)
Ford: Assembler.
General Dynamics Land Systems: M1A2 tank software in Ada with
  time-critical routines in 68xxx assembler. Tank software
  simulators in C.
Honda: ?
Lucas: Many systems in Lucol (Lucas control language).
  Diesel engine controls in C++. ABS in 68xxx assembler.
SAE: ? (Despite considerable effort on my part, I was unable to gather
  any information on languages or language standards from the Society
  of Automotive Engineers.)

Ships:
-----
Vosper Thornycroft Ltd (UK): navigation control in Ada.

Trains:
------
AMTRAK: ?
BART: ? (One rumor said Ada migrating to C. Can anyone confirm?)
CSEE Transports (France): TGV Braking system in Ada (68K).
Denver Airport baggage system: This well publicized problem system is
  written in C++. (A source familiar with the system said the problems
  were political and managerial, not directly related to C++.)
European Rail: Switching system in Ada.
EuroTunnel: in Ada.
Extension to the London Underground: in Ada.
GEC Alsthom (France): Railway and signal control systems for trains and
  the TGV (north lines and Chunnel) in Ada.
  Subway network control systems (Paris, Calcutta, and Cairo).
TGV France: Switching system in Ada.
Union Switch & Signal, Pittsburgh: (Switching system in ?)
Westinghouse Signals Ltd (UK): Railway signalling systems in Ada.
Westinghouse Brake & Signal UK: Automatic Train Protection (ATP)
  systems for Westrace project in PASCAL.
Westinghouse Australia: ATP systems in PASCAL and ADA.

Medical:
-------
Baxter: Left Ventricular Heart Assist in C with 6811 assembler.
Coulter Corp.: ONYX hematology analyzer in Ada.

Nuclear Reactors:
----------------
Core and shutdown systems in assembler, migrating to Ada.

SURVEY METHODOLOGY
==================

I operated under the theory that, with regard to what languages are
really in use, the recollections of the engineers themselves are
probably the most accurate and open source. In general, I did not have
enough sources that I could cross check the information. In cases where
I could, the most interesting discrepancy was that companies that
thought they had adopted one language as the total solution for all
their software designs often had something in assembler or some other
language somewhere.

Every response to the survey was positive except one. An individual at
Rockwell Collins said:

  "The language(s) we do/don't use is a matter best left to us, our
  customers, and the appropriate regulatory agencies governing our
  businesses and markets. All of these parties also look out for the
  public's interests in safety, cost, etc. as well."

This individual took me to task for not contacting the PR department of
his company, but was unwilling to help me do so. Per his request, I have
omitted his company.

If you wish to add information or make a correction please send mail to
cpp@netcom.com. I'd like to fill in the companies that have question
marks by them. I'm particularly interested in systems written in C++.
Names of respondents are held confidential.
If you respond with a public follow-up on the net, please cc via e-mail
to me so that I don't miss you.

Thanks to everyone who helped with this. I meant to post this in August,
but got busy with work and relocating to Monterey and forgot. Sorry for
the delay.

Robin

embedded.svy rev 11-13-94
--
-----
Robin Rowe       cpp@netcom.com  408-375-9449  Monterey, CA
Rowe Technology  C++ training, consulting, and users groups.