The way software developers think can be described in one of two categories: engineer or non-engineer. The category an individual developer adopts is not necessarily determined by education but rather DNA–we become who we are.

It's reasonable to assume that an engineer is someone who pursued that field of study to specialize in electronics, mechanics, chemistry, or other applied science. However, it could also be a scientist who majored in mathematics, physics, computing, and so on. The engineering mind-set is also found among people who for example developed a passion for programming and made the transition from backgrounds as diverse as medicine and accounting. In any case, the vast majority of individuals employed as software developers do not hold degrees in software engineering or computer science.

For lack of a better word, and with apologies to Lord Byron, the father of Ada Lovelace, I shall define a “poet” as a non-engineer who develops software for a living. That being the case, what distinguishes an engineer from a poet in the context of software development? Certainly in the analysis and design phases, engineers are more pragmatic and have the knack for factoring complex problems into essential parts. Poets on the other hand will debate endlessly if the glass is half-empty or half-full. The engineer would simply dismiss this argument by stating that the glass too big. Meanwhile, in the implementation phase the following comparisons come to mind: Specific vs. general, clean vs. messy, simple vs. complex, and reliable vs. unreliable.

Most poets have never even heard of Ada much less written an Ada program, but those who have didn't like the experience. For them the language is too rigorous, assumes too much control and stifles the freedom to be creative. Furthermore, Ada refuses to make assumptions, wants to know every detail about every program entity, constantly points out existing or potential programming errors and insists these be corrected before even considering building an executable. By comparison, engineers are delighted to work with Ada because it allows them to write better software faster and avoid the task of debugging.

If a manager of an IT department wants to separate the engineers from the poets the simplest way is to provide each developer with the option of using either Ada or Java / C++. All things being equal (job security, career advancement, etc.) the engineers will choose Ada.The commoditization of Java

In an online search for software training courses, a visit to the localbook store, or a scan of any magazine rack, the name “Java” appearsagain and again. The brilliant marketing strategy to run ads everywhereand supply developers with free Java technology has exceeded allexpectations in terms of adoption and momentum. With the exception ofits inventor, Sun Microsystems, who forgot to install a cash register,the software industry has profited greatly since Java became a commodityitem.

Unfortunately for the consumer, the widespread use of Java has meantdisappointment. We are now conditioned like laboratory rats to resetproducts that occasionally “crash or hang” and install software updatesand security patches on a weekly basis. The rise of Java has also been asetback to computer science and software engineering departments whoare pressured by industry to produce Java programmers to address theinsatiable demand for new software. There is also pressure from thestudents themselves to learn a marketable skill so as to qualify for awell-paid job after graduation. Sadly, these students have beeneffectively hijacked by the IT industry for the purpose of assemblingthe equivalent of “LEGO” blocks into applications without understandingmany of the underlying fundamentals. When the software industry iseventually forced to put away the toys and seek membership among theranks of established engineering disciplines, these former students willrealize they were short changed. Many professors lament the deviationfrom academic rigor but are powerless to do anything about it.

The status quo

Java-related vendors and service companies are doing well. In fact,business is booming! Oracle is selling great numbers of run-timelicenses, consulting agencies are able to lease developers by the hourat obscene rates, on-line shops sell $5 mobile “apps” by the million,and scores of companies' large and small acquire expertise inopen-source frameworks to provide support services under contract. So,clearly the Java ecosystem is a great money-making business. However,now everything from the Internet to financial systems to portablegadgets is inundated with the most fragile, unsafe, and insecuresoftware technologies to appear in the last 40 years, namely: theC-based family of programming languages, which include Java, C#, C++, C,D, Perl, PHP, and so on.

The only business domains that remain relatively free from mainstream ITmarket-forces are those responsible for mission and safety-criticalsystems where a software defect can result in death or injury.Apparently, the threat of crippling litigation and/or jail-terms issufficient motivation for management to let the engineers make thedecisions. That is why the majority of aircraft, space vehicles, railwaysystems, air-traffic control, power plants, communication satellites,security-critical networks, and defense systems are implemented in Ada.This is not to suggest that the use of Java is completely forbidden. Forexample, in commercial aircraft a mixture of Java and C++ is often usedto control the in-flight entertainment system where the reset button isknown to fix most problems.

Diminishing returns

The demands placed on software organizations have never been greater.Development costs continue to increase despite attempts to exploit nearand off-shore manpower resources in low-wage countries. Complexity isgetting difficult to manage or is already out of control. Unrealisticrelease dates constantly push half-baked products into the market withthe idea of using the customer to download and install software patches.Financial disasters caused by defects in banking applications andreal-time trading platforms occur on a regular basis, and networkvulnerabilities now threaten the infrastructure and security of entirenations!

If the software that runs our society and has an impact on almost everyfacet of our lives was the air we breathe, then in most places we wouldhave to wear masks. Given the current state of affairs, it is notsurprising that many people are beginning to question the competence,values and principles of those running the software industry.

The management of large multinational organizations is blissfullyunaware of the technologies that run their companies. However, to thosein the trenches working overtime in a losing battle against complexityand delivery schedules, technology is the first thing on their minds.Growing numbers of disgruntled developers are waking up to the fact thatthe C-based family of programming languages that currently dominate theIT landscape is no longer up to the job, and they are looking for a wayout.

As people begin to challenge the status quo, the market forces thatbrought the C-family to the forefront will also be responsible forreplacing it. The question is, with what? The market of course has nohumanitarian virtues; it is driven strictly by profit. That should be aconcern to all of us because software is no longer just a businessresource, a personal convenience tool, or a source of entertainment. Thescary fact is: our computerized society is now completely dependent onreliable software technology for its survival.

Ada to the rescue

A major disaster might first need to occur (consult Hollywood filmstudios for potential scenarios), but sooner or later all essentialinfrastructure systems (starting with communication networks andfinancial hubs) will need to conform to the same engineering standardsthat apply to commercial aircraft.

Ada is selected for use in aircraft and othersafety/mission/business/security-critical applications for severalreasons, all of which contribute to one overriding objective: “programcorrectness.” The design of Ada allows us construct programs of greatsize and complexity with a high-level of confidence that no defectsexist. If however a defect (in other words, a bug) eludes detection,finds its way into production and one day causes an exception, the Adarun time includes mechanisms to catch and handle the fault in acontrolled manner.

Ada's success in the field of software engineering is the result of adesign principal where everything about the language (structures,declarations, statements, syntax, and semantics) is focused onmaintaining the integrity of the “type-model.” In other words, thelanguage will prevent any compile or run-time attempts to compromise theintegrity of a type or an instance thereof. To work efficiently withAda you need to understand this principal and use it to your advantage.In modeling the problem domain, the more information you can provide tothe type-model, the more correct and robust will be your solution.

For example, in an application that performs calculations on thephysical quantities such as length, velocity, time and acceleration aprofessional programmer would declare four types, and for each one, aset of operations specific to the problem being solved, a subset ofallowed values, rules that determine how the types may interact, what itmeans for an instance of a type to be valid, and pre and postconditions for each subprogram interface. Developing software in thismanner is analogous to building a mechanical machine where all partshave to fit perfectly together in order for the machine to work. To someprogrammers this might seem to some like a lot of work, but it's notwhen you compare it to the time and effort required to debug a runningsystem.

A general-purpose computer has no knowledge of physics, and therefore inthe scenario above we compensate for this deficiency by preventing theevaluation of meaningless expressions such as D (m) + A (m/s2 ).We can apply even more rigor by using the dimensionality-checkingfeature in Ada-2012. This feature allows developers to assign units tovariables thereby giving them dimension. By supplying this informationto the type-model, the compiler can cross-check the use of objects inthe solution against the laws of physics in the problem-domain. To asoftware engineer this feature is like a dream come true.

Had the “Mars Climate Orbiter” been programmed in Ada or dimensionalitychecking been applied, the mission would have probably succeeded and notresulted in the loss of around $330 million and a major embarrassmentto NASA. In case you didn't know, this mission failed because of amix-up in the navigation software between the metric unit “Newtons (N)”and the imperial measure “Pound-Force (lbf)” which resulted in thedestruction of the spacecraft as it entered the Martian atmosphere.Well as they say; live and learn.

Of poets and engineers

As the need for software that is “engineered” as opposed to “crafted”gains more attention, the release of Ada-2012 last December could nothave occurred at a more opportune time.

Daniel Bigelow is an independent IT consultant located inBern, Switzerland. His main area of interest concerns the implementationof highly-reliable systems where Ada technology plays an importantrole. He has more than 20 years of experience in all phases of thesoftware development process in domains such as finance,telecommunications, air traffic management, defense, railway control,and instrumentation. He holds a bachelor's degree in electronicengineering and is the author of many video tutorials on Ada onAdaCore's tutorial page and on his own site, www.bigelow.ch/.

Share this: Twitter

Facebook

LinkedIn

More

Reddit

Tumblr



Pinterest

WhatsApp



Skype

Pocket



Telegram

