Dominic Williams
xpdoka@REDACTED
Thu Mar 8 07:54:03 CET 2007
More information about the erlang-questions mailing list
- Previous message (by thread): [erlang-questions] erlang in Air Traffic Management ?
- Next message (by thread): [erlang-questions] erlang in Air Traffic Management ?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello Jeff,

> As a side question and really what I'm curious to know is
> what requirements, regulations, informal pressure is there
> that governs the use of certain languages, etc both in the
> aeronautics industry and other "high reliability"
> industries?

When I was in the railway signalling industry a few years ago, we applied Cenelec's EN 50128 standard. It defines 4 safety integrity levels (SIL), of which only 2 are really used, 2 and 4. SIL 4 applies to the critical systems: the ones that directly control signals, points and automatic train control or automatic train protection. SIL 2 applies to things like central control rooms, SCADA etc.

The standard doesn't stipulate explicitly which languages can be used, but it does stipulate certain language features that are required or prohibited. The traditional interpretation of the standard is that at SIL 4, only Ada can be used, but at SIL 2, C/C++ can be (and is) used, although with some restrictions that can be addressed by coding standards.

There is no doubt that, as far as the standard is concerned, a good case can be made for Erlang (for SIL 2 systems only): it has many features that are recommended by the standard. Its only weakness is that it has automatic memory management, but in practice C/C++ systems rarely manage to avoid using dynamic memory (strongly discouraged, if my memory serves me right, by the standard), so obviously a garbage collector is better than doing malloc/free or new/delete manually. But, in principle, one could (and should) write a C/C++ system using only static and automatic memory allocation, which you can't do in Erlang.

The real problem is that the industry is very conservative, and there is great informal pressure not to do things any differently from how they've been done in the past. There is even a holy principle, whose name I forget, which is in the standards, and basically means: we guarantee this is as safe as (i.e. not worse than) previously designed systems.
Regards,

Dominic Williams
http://www.dominicwilliams.net