Programming Languages and Software Construction Franco Gasperoni


1 Programming Languages and Software Construction Franco Gasperoni

2 © AdaCore under the GNU Free Documentation License 2 Copyright Notice © AdaCore under the GNU Free Documentation License Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; provided its original author is mentioned and the link to is kept. A copy of the license is included in available at:

3 The Construction Analogy*
Building Construction | Software Construction
Architectural drawings | Analysis & design documents (e.g. UML diagrams)
Materials | Programming languages, libraries, reusable components
Tools | Development tools: editor, compiler, debugger, config. mgmt, testing tools, …
*Analogy from Tucker Taft invited talk at the Tools USA 99 conference

4 Software Phases Affected by the P.L.
- Design: Create a software structure (architecture) around which code will be built
- Coding: Fill in the software structure with code
- Testing (Unit Testing): Check that the code does what it is supposed to (functionality, performance, reliability, …)

5 Importance of Tools’ & Materials’ Quality
Building Construction | Software Construction
Imagine nailing wooden panels where nails bend if you do not hit them perfectly in their axis | Imagine programming with a language which accepts everything that you type and tries to guess what to do
Imagine building a wall where 1 in every 4 bricks breaks when you place it on the wall | Imagine using a graphics library where 1 in 4 routines has a bug
Imagine using a hammer whose head flies off if you do not hit the nails perfectly | Imagine working with a compiler that crashes every 3 compilations or that generates executables that run very slowly

6 A Good Programming Language …
Helps you build software that is:
- Reliable
- Safe
- Secure
- Evolvable
A good programming language will make your life easier. It will NOT do the job for you.

7 A Poor Programming Language …
Will make it harder to build software that is:
- Reliable
- Safe
- Secure
- Evolvable
It is possible to write good software with a poor language. It will require more experienced engineers. In any event it will take longer and will be more COSTLY than with a good language.

8 Facts of Life in Software Construction
Human Factors Affecting Programming
- Humans make mistakes
- People move on
  - The code authors are not the ones that will fix bugs, port or add new features to the software
- Software evolves constantly
Properties of a Good Programming Language
- Make it harder to write incorrect code
- Support abstraction
- Help write readable code
- Support modular software organization
- Portable

9 Why?
Requirement for a Good Programming Language | Explanation
Make it harder to write incorrect code | Humans make mistakes. Especially programmers, who are constantly submerged in work.
Support abstraction | Humans make mistakes & People move on. Be able to write a program at a conceptual level close to the application domain. This makes the code easier to write & understand.
Help write readable code | People move on. Especially programmers. To preserve your software investment, other people must be able to understand the code quickly.
Support modular software organization | Software evolves constantly. You must deliver software to your clients before it is actually finished (important to have feedback). Furthermore, once delivered you have to correct bugs and add new features.
Portable | Software evolves constantly. You must port it to new hardware.

10 Programming Languages Examples

11 A Programming Example
Can you tell in less than 20 seconds whether the following 3 routines in the following 3 programming languages do the following correctly:
- Return the n-bit field of a 32 bit word
  - From bit position p
  - To bit position p-n+1
- Bit position 0 is at the right end
[Diagram: Bit 31 … Bit p … Bit p-n+1 … Bit 0, with the n bits from Bit p to Bit p-n+1 marked]

12 C
unsigned get_bits (unsigned x, int p, int n)
{
    return (x >> (p-n+1)) & ~(~0 << n);
}

13 Ada 95
function Get_Bits (X : Bit_Array; P : Bit; N : Offset) return Bit_Array is
begin
   return X (P - N + 1 .. P);
end Get_Bits;
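
Added example (not from the slides or from AdaCore): a checked C version of the field extraction specified on slide 11, rejecting the inputs for which the shifts in an unchecked C routine are undefined in ISO C (a negative shift count, or a shift by the full 32-bit width). The name get_bits_checked, the choice to reject n < 1, and the sample word are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define WORD_BITS 32

/* get_bits_checked is a hypothetical name, not from the slides.
 * Extracts the n-bit field whose top bit is p and whose bottom bit is
 * p-n+1 (bit 0 is the rightmost bit). Returns false, leaving *out
 * untouched, when the requested field does not fit in the word. */
bool get_bits_checked(uint32_t x, int p, int n, uint32_t *out)
{
    if (out == NULL)
        return false;
    if (p < 0 || p >= WORD_BITS)   /* top bit must lie inside the word */
        return false;
    if (n < 1 || n > p + 1)        /* assumption: empty fields rejected; */
        return false;              /* field must not run below bit 0     */

    /* A shift by the full word width is undefined in ISO C, so the
     * all-ones mask for n == 32 is produced without shifting. */
    uint32_t mask = (n == WORD_BITS) ? UINT32_MAX
                                     : (UINT32_C(1) << n) - 1u;
    *out = (x >> (p - n + 1)) & mask;
    return true;
}

int main(void)
{
    const uint32_t word = 0xDEADBEEFu;   /* constructed sample input */
    const int cases[][2] = { {7, 4}, {31, 32}, {15, 16}, {3, 5}, {32, 1} };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint32_t field = 0;
        int p = cases[i][0], n = cases[i][1];
        if (get_bits_checked(word, p, n, &field))
            printf("p=%2d n=%2d -> 0x%X\n", p, n, (unsigned)field);
        else
            printf("p=%2d n=%2d -> rejected\n", p, n);
    }
    return 0;
}
```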

14 History of Some Imperative Languages
[Timeline figure of imperative languages, starting from assembly and running to 2005: Fortran(54), Cobol(58), Algol(60), PL/I(66), Basic(66), Simula(67), Pascal(70), C(72), Smalltalk(80), Ada(83), Eiffel(86), C++(89), Ada(95), Java(96), Ada(05)]

15 [Timeline figure running to 2005: Pascal(70), C(72), Ada(83), Eiffel(86), ANSI C(88), C++(89), Ada(95), Java(96), ISO C++(98), ISO C(99), Ada(05), Java 1.5]

16 Programming Language Design Goals
- C
  - A portable, higher-level assembly language
  - No safety or security concerns
- C++
  - An object-oriented language upwardly compatible with C
  - No safety or security concerns
- Java
  - Fix C++ insecurity problems (i.e. cannot create a virus in Java)
  - No safety concerns

17 SECURE != RELIABLE, SECURE != SAFE
- Java is a secure language
  - That is, you cannot create viruses with Java programs
- Java (like C and C++) is NOT a safe language
  - It is easy for a programmer to make mistakes in Java, both during regular development and during software evolution, and create programs that behave incorrectly
  - Sun Microsystems does not want Java to be used in safety-critical contexts

18 Contents of the Windows 2000 License
NOTE ON JAVA SUPPORT
THE SOFTWARE PRODUCT MAY CONTAIN SUPPORT FOR PROGRAMS WRITTEN IN JAVA. JAVA TECHNOLOGY IS NOT FAULT TOLERANT AND IS NOT DESIGNED, MANUFACTURED, OR INTENDED FOR USE OR RESALE AS ON-LINE CONTROL EQUIPMENT IN HAZARDOUS ENVIRONMENTS REQUIRING FAIL-SAFE PERFORMANCE, SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL, DIRECT LIFE SUPPORT MACHINES, OR WEAPONS SYSTEMS, IN WHICH THE FAILURE OF JAVA TECHNOLOGY COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE. Sun Microsystems, Inc. has contractually obligated Microsoft to make this disclaimer.

19 The Ada Programming Language

20 Ada
- Industrial-strength version of Pascal designed to build:
  - Safe, and secure software
  - Software that needs to evolve
  - Mixed-language software
- Language designed by an international team
  - 1983: First version of the language
  - 1995: First standard revised (e.g. OO programming added)
  - First object-oriented language to be an ISO standard
  - 2005: New revision
- Only language to have a formal compiler validation procedure
  - Validation procedure is an ISO standard (> 4,000 compiler tests)

21 Ada: Use it for Safety-Related Systems
- Safety standards recommend the use of Ada for the highest integrity levels
- Even the MISRA-C document recommends the use of Ada:
Guidelines for the Use of the C Language in Vehicle Based Software: “… it should be recognized that there are other languages available which are in general better suited to safety-related systems, having (for example) fewer insecurities and better type checking. Examples of Languages generally recognized to be more suitable than C are Ada and Modula 2. If such languages could be available for a proposed system then their use should be seriously considered in preference to C.” page 3.

22 Ada-Inspired Programming Features
- C++
  - Templates (Generics)
  - Exceptions
- Java
  - Array index checking
  - Division by zero checks

23 Some Languages Derived from Ada
- SPARK: Subset of Ada used to design the most safety-critical systems
- VHDL: Used for chip design
- PL SQL: New programming language designed to extend SQL and make it a full programming language

24 Some Industrial Applications in Ada
- Business-critical
  - Canal+ Technologies: Pay-per-view, access control
  - BNP: Trading Language
  - Philips: Semiconductor assembly equipment
  - Helsinki radiotelescope
- Mission-critical
  - Astree: European-wide railroad signaling
  - Weirton Steel - process controller
  - Mondex electronic money
  - Scanning Electron microscope
- Safety-critical
  - Airbus A340
  - Boeing 777

25 Ada & Software Costs

26 Ada and Software Costs (1995 Study)
[Chart; source: MITRE (Avionics domain). Values shown: 270,000 LOC, 225,000 LOC, 150,000 LOC, 135,000 LOC, 112,500 LOC, 75,000 LOC]

27 Ziegler’s Study: Comparing C & Ada
- 1995 study on the VADS compiler
- 60 engineers, from with MS degrees in computer science
- All knew C at hire. All programmed in both C and Ada.
- VADS: About 4.5 million lines of code, files, cost >$28m over 10 years

28 Costs Per Feature During Implementation

29 Post-Delivery (User-Reported) Defects

30 Some Non-Reasons for Ada’s Advantage
- Not because of people: The same people used both languages
- Not because of process: The same process was used, for design, for testing, for debugging, for source control, for management, and so forth
  - C required ‘makefiles’, but had tighter coding standards
- Not because of Ada’s highest level constructs: VADS used few generics or tasks
- Not because of reuse: This study considers only unique code, factoring out reuse

31 Some Reasons for Ada’s Advantage
- Ada Enabled Better Error Locality
  - Most errors caught at compile-time
  - Runtime errors are easier to trace
- Ada Enabled Better Tool Support
  - Ada’s richer semantic model allows computers to help more
  - For example, builds are automated and guaranteed consistent
- Ada Reduced Effective Complexity
  - Function of language complexity and application complexity
  - Standard language complexity is easier to learn and use
- Ada Encouraged Better Program Organization
  - Packages, with specifications and private parts

32 Summary
- Developing software in Ada is 60% cheaper than in C
- Code developed in Ada has 9 times fewer bugs than in C
- Was Ada consistently better? *YES*
  - Over different subsets of VADS
  - For experienced AND inexperienced programmers
  - For both C experts AND Ada experts
  - For the highest AND lowest rated programmers
- Was Ada harder to learn? *No*
- Was Ada code more reliable? *YES*

33 Ada & Education

34 From an Education Perspective
- Ada is a good language to teach good software practice
  - Reliability, safety, security
- Ada allows the design of functionality-oriented as well as object-oriented software
- Ada allows the construction of software that can evolve
- Free Software high-quality Ada environment available to all
  - GNAT GPL Edition (Ada 2005)
  - Linux, Solaris, Windows, …

35 You Should Know Several Languages
- No single programming language is appropriate in every circumstance
- Today most systems use a mixture of programming languages

36 Example: MULTOS CA
Multiple application OS for smart cards
- 30%: SPARK (Ada subset): “Security kernel” of tamper-proof software. Certified at the HIGHEST security level
- 30%: Ada 95: Infrastructure (concurrency, inter-task and inter-process communications, database interfaces etc.), bindings to ODBC and Win32
- 30%: C++: GUI (Microsoft Foundation Classes)
- 5%: C: Device drivers, cryptographic algorithms
- 5%: SQL: Database stored procedures

