comp.lang.ada
From: dewar@cs.nyu.edu (Robert Dewar)
Subject: Re: Ada Core Technologies and Ada95 Standards
Date: 1996/04/02
Message-ID: <dewar.828492539@schonberg>
In-Reply-To: 828475321.18492@assen.demon.co.uk

John McCabe said

"As I said before, if I can't prove my software meets all of its
requirements, my customer will not accept it."

That sounds reasonable for high-assurance software, but earlier you
talked about using testing as the basis for this proof, which makes
me think that your standard of proof is rather low.

But maybe I am mistaken; are you in fact using formal specifications,
and formal methods to guarantee the correctness of the software,
reasoning at the generated code level (this is normal procedure
for safety critical software)?

Obviously any customer demands proof at some level that the software
meets all the requirements, but the standards of proof vary a lot,
from an essentially informal testing process to a rigorous formal
demonstration of correctness.

Compilers are no different from any other software in this respect,
but certainly the level of proof is not at the level of rigorous
formal proof (we don't even know how to practically create a formal
specification of complex languages in the first place -- an EEC
sponsored project to produce a formal definition of Ada 83 resulted
in a couple of large telephone books of formulae, but still did not
cover the whole language, or form the basis for a practical proof
of correctness of an Ada 83 compiler since it did not tackle some
of the hard parts).





