From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!feeder.eternal-september.org!aioe.org!.POSTED.fn3LatRFkm9/xzEj7F2/NQ.user.gioia.aioe.org!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: Ada in command / control systems Date: Wed, 6 Mar 2019 15:14:58 +0100 Organization: Aioe.org NNTP Server Message-ID: References: <2199b15b-d704-403f-a6c4-00fab29792d5@googlegroups.com> <72738cc8-3f65-4cc1-8c61-b1166cb5e3c2@googlegroups.com> <9807ec3a-4c34-4641-acfa-e9cf22de95ce@googlegroups.com> <51611452-1f49-4d8d-b93d-363cbbee29d0@googlegroups.com> <6a0fe4c2-a8e6-4d15-8cbf-f5a85ba0cd86@googlegroups.com> <1a5fae09-bbbf-4bdb-be8c-6a2e3fd70dfa@googlegroups.com> <1c62f33a-d3a0-4a64-b66f-c82328cfb52a@googlegroups.com> NNTP-Posting-Host: fn3LatRFkm9/xzEj7F2/NQ.user.gioia.aioe.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: abuse@aioe.org User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1 X-Notice: Filtered by postfilter v. 0.9.2 Content-Language: en-US Xref: reader01.eternal-september.org comp.lang.ada:55800 Date: 2019-03-06T15:14:58+01:00 List-Id: On 2019-03-06 10:05, Maciej Sobczak wrote: >> Because the tool is claimed to state the "requirements". There can be >> nothing above that. > > What do you mean "nothing above that"? There can be many levels of requirements. Simulink (and such) is typically used at the level called Low Level Requirements (LLR for short). There is *a lot* above that. There might be even other models above that. And Simulink might not be the only thing used at its level, or not for all artifacts. Thus it is simply code in some mostly declarative language. As such it must undergo testing, verification, validation etc. > The fact that Simulink can generate code automatically is actually not important here, It is a key feature allowing to circumvent normal software quality assertion and developing process. > because that functionality need not be used - which, I don't think there are many people who could write code from a non-trivial Simulink diagram. It is far more difficult than writing assembler code from Ada program. >> The source code is complete per definition, otherwise you could not >> compile and build the solution from it. > > Which also means that it is the lowest level representation of the system that we should care about. The question is, whether it is the only representation that we need. If we need something above that, what it should be? The question is the purpose of? For example, the purpose of writing pay checks for the developers team. Certainly you might have something useful for that. Or something more close, getting the top managers off the back of developers. Some PPT presentation would be of great help. You should state the purpose first. >> There are lots of concerns when calling s-function, e.g. when the block >> containing this function is in the feedback loop. > > Sure, and there are concerns about source code being reentrant or not, or being thread-safe or not, or being exception-safe or not, or being recursive when it should not be, and so on. It's not like source is concern-free. This is not comparable. When writing code in a normal language programmers know the limitation of the mental model they use, e.g. single thread of control, ignored side effects on the CPU, on memory, on peripheral states, time sharing etc. There are lots of red lines and alarm bells each competent programmer knows. With Simulink models and black boxes of s-functions nobody knows anything. Moreover, nobody is competent as the proclaimed purpose of all exercise was: any moron can design quality software in Simulink knowing nothing about programming. But that is a blatant lie. One must know everything about programming, control, about numeric methods, and about domain-space problem in order to use Simulink en large. >> Programming languages have means >> for proper encapsulation and insulation the side effects. >> Domain-specific languages have nothing of this sort. > > Why? I see no reason why they should not have it. Because they do not focus on software design, but rather on the domain. General-purpose languages address software design problems and design artifacts as well as second-order problems arising from solutions of the first-order ones. These issues are absent in the problem space. There is no way to map the problem space into a finite state machine with a full load of other constraints. If we could we would not need programmers at all. >> It is the same paradigm and after a half of century we more or less know >> how to write reusable components in C and Ada. > > And you have the whole libraries (built-in and COTS) of reusable modules or operators in Simulink (and similar), too. People just drag'n'drop filters, amplifiers, counters, and whatever other stuff they need into their projects and it seems to work. Why should they come back to source? Because a large software system cannot be built this way. It is way too low-level. The filter corresponds to an algorithm like bubble sort. You come nowhere with only that sort of things in a normal language without a huge language machinery of all sorts of polymorphism, substitutability checks, modularity support etc. BTW. A classic example with filters is changing filter parameters. You do it in Simulink and the roller dynamometer goes to the ground, race condition. -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de