From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,f039470e8f537101
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2003-07-29 12:44:14 PST
Path: 
 archiver1.google.com!news1.google.com!newsfeed.stanford.edu!cyclone.bc.net!newsfeed.media.kyoto-u.ac.jp!newsfeed01.tsnz.net!news.xtra.co.nz!53ab2750!not-for-mail
Newsgroups: comp.lang.ada
Subject: Re: Ariane5 FAQ
From: Berend de Boer <berend@xsol.com>
Message-ID: <ulluhjf19.fsf@xsol.com>
User-Agent: Gnus/5.090014 (Oort Gnus v0.14) Emacs/21.2
 (i386-msvc-nt5.0.2195)
References: <3F200AD0.94F79098@adaworks.com>
 <e2e5731a.0307241721.a6eae4e@posting.google.com>
 <7u9Ua.13412$634.10307@nwrdny03.gnilink.net> <3F215120.1040706@attbi.com>
 <1059151910.357790@master.nyc.kbcfp.com>
 <e2e5731a.0307251844.7ea4dab4@posting.google.com>
 <bDTUa.6456$AO6.976@nwrdny02.gnilink.net>
 <e2e5731a.0307271419.4390a02c@posting.google.com> <ud6fvzbzc.fsf@xsol.com>
 <3F248CEE.5050709@attbi.com> <3F25FB81.A81694FA@adaworks.com>
 <K9oVa.12850$AO6.11742@nwrdny02.gnilink.net>
 <bg5a1g$l7sjg$1@ID-175126.news.uni-berlin.de>
Cancel-Lock: sha1:g4rZFw1nXTz465tCg0eqtOr3IHQ=
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 30 Jul 2003 07:42:26 +1200
NNTP-Posting-Host: 219.88.64.124
X-Complaints-To: newsadmin@xtra.co.nz
X-Trace: news.xtra.co.nz 1059507852 219.88.64.124 (Wed,
 30 Jul 2003 07:44:12 NZST)
NNTP-Posting-Date: Wed, 30 Jul 2003 07:44:12 NZST
Organization: Xtra
Xref: archiver1.google.com comp.lang.ada:40960
Date: 2003-07-30T07:42:26+12:00
List-Id: <comp.lang.ada>

>>>>> "Vinzent" == Vinzent Hoefler <ada.rocks@jlfencey.com> writes:

    Vinzent> That isn't much different from SPARK where you should
    Vinzent> justify such decisions for the verifier. I don't think
    Vinzent> either method would have helped, because nobody seemed to
    Vinzent> look at the requirements at all.

True. Didn't they have a system in place where people have to sign
certain things? I.e. a software engineer can sign that use of this
software is ok.

Ultimately someone decided to include a piece of Ariadne 4
software. And that someone didn't check the requirements. Either
because a software engineer recommended it (in which case he should
have checked it), or he was the software engineer.

And if people didn't know about the importance of requirements, it's a
telling sign at what state software engineering in general really
is. It just reminds me at the education in software engineering I got.

But fortunately, at the moment I'm really shocked when I see code that
has absolutely no conditions under which it is supposed to operate
(just trial and error, and looking at the source if you have it). But
unfortunately, most code/specs is still written this way.

-- 
Regards,

Berend. (-: