Sat, 24 Feb 2007 20:06:58 +1100
C & U Grein wrote:
> Colin Paul Gloster wrote:
>> Can't see why it should. It's supposed to be C++ certification.
>> It could well include knowledge of how to write robust C++ code.
>> Do people write safety critical applications in C++? The thought
>> shocks me.
> I guess they do. Modern cars like Mercedes and BMW have a lot of code
> inside - and they don't use Ada AFAIK.

No, they don't. If you're lucky, they use MISRA-C.

I'm doing my PhD on automotive software development. We already have a
nice model compiler that takes requirements (not designs) expressed in
xtUML and generates Ada-95 systems from them. Contact
http://www.softimp.com.au and ask about their BILBY model compiler.

We hope to apply that to automotive systems soon - measuring footprint,
real-time performance and so on. After that, re-jig the model compiler
so it produces SPARK-95, and code that complies with avionics standards
and is also formally provable.

Right now, automotive manufacturers are dreadfully vulnerable to legal
challenge. The software they produce is very good, quite safe, but as
it's in C and produced handraulically, they can't prove that they're
using "best practices".