From: Simon Wright <simon.j.wright@mac.com>
Subject: Re: High-integrity networking
Date: Wed, 10 Oct 2007 20:40:17 +0100
Date: 2007-10-10T20:40:17+01:00 [thread overview]
Message-ID: <m2przm7o7y.fsf@mac.com> (raw)
In-Reply-To: l3sog357n18c6onk58a3sbru4sn1tn606d@4ax.com
Peter Morris <no@spam.please.net> writes:
> Issues with using Ravenscar and the Ada Distributed Systems Annex for
> High-Integrity Systems
> http://www.acm.org/sigada/ada_letters/march2001/103-audsley_1.pdf
>
> It identified the following problem:
>
> "It is clear that in order to facilitate distributed
> high-integrity real-time programming, the run-time
> support for distributed programming itself should conform
> to the Ravenscar profile. We have illustrated in this paper
> that this support requires greater expressive power than that
> afforded by Ravenscar. The result is greater complexity in
> the run-time – the code is almost certainly less analyzable,
> and definitely harder to produce and read."
Not clear from the last sentence whether it's the run-time or the user
code that's harder to analyse, produce or read. (Presumably that's not
true of Ravenscar itself, or no one would use it? It would be a hard
sell to management ...)
> I don't know if anyone has solved this problem.
Could a solution be analogous to the SPARK technique of telling the
Analyser that certain elements can be assumed to behave as specified
without needing proof? Could a multi-partition program use different
profiles for different parts?
Of course, that depends on what problem you are trying to solve; using
Ravenscar makes it easier to argue for correctness, not using
Ravenscar probably doesn't make an argiment impossible.
next prev parent reply other threads:[~2007-10-10 19:40 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-08 12:13 High-integrity networking Maciej Sobczak
2007-10-08 16:03 ` Colin Paul Gloster
2007-10-08 20:35 ` Maciej Sobczak
2007-10-15 17:14 ` Colin Paul Gloster
2007-10-16 8:44 ` Maciej Sobczak
2007-10-08 21:02 ` Jeffrey R. Carter
2007-10-09 13:17 ` Maciej Sobczak
2007-10-09 17:37 ` Jeffrey R. Carter
2007-10-09 20:57 ` Maciej Sobczak
2007-10-10 13:16 ` Brian Drummond
2007-10-10 18:13 ` anon
2007-10-10 18:54 ` Peter Morris
2007-10-10 6:29 ` Peter Morris
2007-10-10 19:40 ` Simon Wright [this message]
2007-10-11 13:00 ` Peter Morris
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox