Fri, 13 Dec 2002 15:18:52 -0500
I just heard that some organization (perhaps Lockheed or JSF SPO)
has chosen MISRA C over Ada for JSF flight software.
According to http://www.misra.org.uk/> MISRA C is a standard
for a "restricted subset of a high-level language for programming
safety-related systems. The C programming language is being increasingly
used for automotive applications, due largely to the inherent language
flexibility, the extent of support and its potential for portability
across a wide range of hardware. However the nature of the C language
is such that there are many areas of concern which potentially
the high level of integrity required from the final executable code."
Why in the world would you choose an inherently unsafe language for
any safety-critical application? I can't look at the standard because
you have to buy a copy. I hope they recommend against the use of
pointers and C arrays, otherwise you can't make C safe.
Surely Spark Ada would have been a better choice.
[log in to unmask]