From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,e358ba77412f9288,start X-Google-Attributes: gid103376,public From: "Robert C. Leif, Ph.D." Subject: Use of Ada Code Generators for Critical Applications -- was Date: 1996/06/12 Message-ID: #1/1 X-Deja-AN: 159926787 sender: Ada programming language x-sender: rleif@mail.cts.com comments: To: Samuel Mize content-type: text/plain; charset="us-ascii" mime-version: 1.0 newsgroups: comp.lang.ada x-ph: V4.4@jericho.american.edu x-mailer: Windows Eudora Version 2.0.3 Date: 1996-06-12T00:00:00+00:00 List-Id: From: Bob Leif, Ph.D. To: Samuel Mize et al. Subject:: Use of Ada Code Generators for Critical Applications Date: 12 June, 1996 ------------------------------------------------------------------------ Samuel Mize wrote on Sun, 9 Jun 1996 23:49:23 -0500 ---------------------------------------------------------------------- Subject: Re: ARIANE-5 Failure (DC-X works) Other posts have said the code was generated with MatrixX. I haven't used MatrixX, but others at my company have, so I'll try to describe it. MatrixX isn't a language. It's a tool that uses a graphical notation, including some standard graphical notation for math. You can think of it as a 4GL for scientific calculation. Its application area is limited, but within that area, its graphic notation is closer to what a mathematician would use, so a domain expert can work with it and validate it more easily. I'm sure a MatrixX marketeer would plotz at this definition, but it lets you see why it's easier (in this case) to maintain than properly written Ada. The maintainers aren't programmers, and they aren't maintaining the program. They're maintaining their mathematical specifications. The tool regenerates the program to match new specs. Nobody maintains (this part of) the program. SNIP But since Ada is a general language, there will always be tools that are easier for specific, limited application domains. End Samuel Mize; ------------------------------------------------------------------------------- Begin Bob Leif As virtually all the readers of Comp.Lang.Ada know, it is quite possible for a human to write Ada which makes minimal use of the capacity provided by Ada for employing software engineering principles. Or stated more succinctly, it is quite possible to produce garbage in Ada. For instance, did the MatrixX tool create data types with ranges limited to the acceptable values. Where exceptions built into the code? Code inspections are an excellent toll for humans, which should be extended to robots. Bob Leif Robert C. Leif, Ph.D., PMIAC, Vice President & Research Director Ada_Med, A Division of Newport Instruments 5648 Toyon Road San Diego, CA 92115-1022 Tel. & Fax (619) 582-0437 e-mail rleif@mail.cts.com