Re: F-22 ADA Programming

[Bill White <billjwhite@notan.org>]

On 2014-10-30, Maciej Sobczak <see.my.homepage@gmail.com> wrote:
>
>> It is not about escaping responsibility but come from the other end and try
>> to be responsible. People are required to be diligent. Choosing the right
>> platforms, languages, techniques etc. are all part of engineering just like
>> choosing the right concrete, steel, and designs are are all part of making a
>> bridge.
>
> And yet, among hundreds of available materials and components, architects
choose those that are most economically viable in the given context, not the
ones that have the best known parameters. For every bridge or building I
would be able to prove that better materials exist - and they were not
chosen for valid reasons. Every single day my life depends on materials that
were chosen based on some economic compromises and sometimes that economy
argument is passed on us - for example we have to choose what car we will
buy to drive our kids to school and that decision also involves economy
compromises. I bet that nobody on this group bought the best car that was
ever created. Should we feel bad about it? 

I didn't say the best. I said "just like choosing the right concrete, steel,
and designs. Engineering these days is mostly about choosing the cheapest
possible materials and procedures that will meet the performance goals. OTOH
in safety area people have found it worthwhile to over engineer somewhat.

>
> I am not aware of any engineering industry where purely technical
> arguments are the only ones that are taken into account. It would be naive
> to expect that IT should be any different. 
>
>> I think that's misleading. It is not only the probability of failures that's
>> important but their type and consequences.
>
> That C++ bugs have more severe consequences than Ada bugs? :-)

Are you kidding me?

Are you not aware that buffer overflows are a major ongoing, intractable
issue in C and C++ deployments? Depending on the platform the results can be
much worse than a segfault message. These kinds of errors can corrupt memory
and produce "should never happen" errors that are unhandled or break the
code of even the OS in unforseeable ways. And these kinds of errors are
totally avoidable and never happen in Ada with the right compilation options.

C and C++ pointers are another area where wild storage references are
common and have the same damaging effects as buffer overflows. Things like
that just don't happen in Ada and other safe languages. There's no excuse
for using C or C++ in safety or even business-critical applications.

And that's the tip of the iceberg. So much about C++ encourages rather than
discourages complexity. And complexity kills.

>> The question is whether people acted
>> responsibly, cautiously, and in good faith. And those are things that make a
>> difference in court.
>
> And I assure you that no programmer in the world selects his tools in bad
>> faith (at least I don't know any such wrongdoers). Everybody can swear on
>> their good intentions. That should solve the court problem, right?

Nonsense. Most people are not even qualified to choose the tools they use
and the majority of them don't even think this is a discussion.

> If I understand things correctly, lack of due diligence has to be proven
>in court. 

That depends. In criminal cases in America they are supposed to have to
prove guilt. But in civil cases and that's where the money is, accused
parties have to prove their innocence.

> But who is responsible if most programmers are simply *not aware*
>of better tools? Nowadays the universities teach that the best language for
>everything is Java. Is the Java programmer liable for the broken system or
>should we sue his university instead? 

You continue to try to twist the discussion into the framework of avoiding
liability and who to collect money from, where I am coming from the angle of
wanting people to be aware of the issues and do the right thing, because
it's the right thing to do.

Bill