From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,703c4f68db81387d X-Google-Thread: 109fba,703c4f68db81387d X-Google-Thread: 115aec,703c4f68db81387d X-Google-Thread: f43e6,703c4f68db81387d X-Google-Attributes: gid103376,gid109fba,gid115aec,gidf43e6,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news1.google.com!news.maxwell.syr.edu!newscon02.news.prodigy.com!prodigy.net!newsmst01a.news.prodigy.com!prodigy.com!postmaster.news.prodigy.com!newssvr21.news.prodigy.com.POSTED!4988f22a!not-for-mail From: Newsgroups: comp.lang.ada,comp.lang.c++,comp.realtime,comp.software-eng References: <4229bad9$0$1019$afc38c87@news.optusnet.com.au> <1110032222.447846.167060@g14g2000cwa.googlegroups.com> <871xau9nlh.fsf@insalien.org> <3SjWd.103128$Vf.3969241@news000.worldonline.dk> <87r7iu85lf.fsf@insalien.org> <1110052142.832650@athnrd02> <423038f2$0$14970$ba620e4c@news.skynet.be> <1110556310.367604.271110@g14g2000cwa.googlegroups.com> Subject: Re: Teaching new tricks to an old dog (C++ -->Ada) X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 Message-ID: NNTP-Posting-Host: 64.164.117.99 X-Complaints-To: abuse@prodigy.net X-Trace: newssvr21.news.prodigy.com 1111493071 ST000 64.164.117.99 (Tue, 22 Mar 2005 07:04:31 EST) NNTP-Posting-Date: Tue, 22 Mar 2005 07:04:31 EST Organization: SBC http://yahoo.sbc.com X-UserInfo1: TSU[@SBEQJV]SQ@[EZOD]_\@VR]^@B@MCPWZKB]MPXHZUSAANVUEAE[YETZPIWWI[FCIZA^NBFXZ_D[BFNTCNVPDTNTKHWXKB@X^B_OCJLPZ@ET_O[G\XSG@E\G[ZKVLBL^CJINM@I_KVIOR\T_M_AW_M[_BWU_HFA_]@A_A^SGFAUDE_DFTMQPFWVW[QPJN Date: Tue, 22 Mar 2005 12:04:31 GMT Xref: g2news1.google.com comp.lang.ada:9722 comp.lang.c++:46668 comp.realtime:1583 comp.software-eng:5184 Date: 2005-03-22T12:04:31+00:00 List-Id: "T Beck" wrote in message news:1110556310.367604.271110@g14g2000cwa.googlegroups.com... > > Adrien Plisson wrote: > > > > Ada is also used in particular rockets called missiles, and its job > > inside is just to make them fall... but fall gracefully. > > Would that happen to include the now-infamous Patriot Missles (the ones > that couldn't hit a barn after they'd been on for a while due to a > bug?) No. Those missiles were not programmed in Ada. On the other hand, there have been software failures written in Ada, just as their have been software failures written in C, C++, Jovial, Fortran, etc. The use of Ada does not eliminate to potential for software failure. No language, by itself, can guarantee there will no defects. The best we can hope for, in the current state of software engineering, is to minimize the risk of failure. Ada is designed to help reduce risk. That is a primary concern when choosing Ada. Still, we are always dealing with tradeoffs. A language that allows compilers to generate some kind of result for every syntactic expression, is likely to also permit erroneous constructs. This is OK when that language is used in the hands of a person who never makes mistakes. Of course, as the size of the code grows larger, and the number of functions increases, human comprehension begins face more challenges in the management of the complexity. A language that provides a set of constraints at the outset, such as Ada, can be annoying for little programming jobs carried out by one person. As the software product requires more and more people, more and more code units, and more and more time to complete, these constraints can be useful because they prohibit certain practices that lead to unexpected errors. Software risk management is becoming a more and more respectable part of software engineering practice. Language choice is only one part of the risk management decision matrix, and we are not going to enumerate the many other facets of risk here. However, language can have an impact on risk. I have seen software developed in many different languages over a long period of time. In my own view, and I don't have formal research to support this, Ada has had value in reducing risk of failure "when used as directed." C++, and the C family in general, increases the risk of failure simply because one does not have the built-in constraints that exist in Ada. A careful programmer can create excellent, defect-reduced, software in C++. A sloppy programmer can grind out horrible, unsafe code in Ada (by relaxing the built-in constraints). All in all, though, I see Ada as more risk averse than most of its competitors. What is the cost of being risk averse? That question is open to many different interpretations. There certainly is a cost. Is that cost worth the level of risk avoidance we hope to achieve with Ada? The answer to this question will also vary according to the experience, biases, and economic decisions favored by those who must make the choices. Richard Riehle