october 4, 2001sigada 2001 panel: ada experiences 1 ada experiences panel chair john mccormick,...
TRANSCRIPT
![Page 1: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/1.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
1
Ada Experiences
Panel ChairJohn McCormick, University of Northern Iowa
PanelistsRobert Lockwood Alliant Techsystems
Bill Rusinak Lockheed-Martin
David Glessner Rockwell-Collins
Elizabeth Theesfeld Honeywell
![Page 2: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/2.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
2
Bob Lockwood
• Software Engineering Manager• Alliant Techsystems – Integrated Defense
Company• 600 Second Street NE
Hopkins, MN 55345952-931-5285
![Page 3: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/3.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
3
Software Engineering Experience• Applications: Military – Command, Control,
Communications• Primary Projects – Real-Time, Embedded• Experience – 9 years hardware developer – 25
years software developer – 16 years working with Ada-83/Ada-95
• Company Certifications – ISO9001, CP2• Platforms – Intel 80x86/i960, PowerPC 5xx, 6xx,
7xx• Operating Systems – Bare Machine, VRTX,
VxWorks, Nucleus, LynxOS
![Page 4: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/4.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
4
Project• Military Vehicle Fire Control
– Navigation– Communication– Ballistics– Weapon Control– Operator Interface
• Intel 80x86/i960 platforms• Why Ada
– First major vehicle project – Ada Mandate– Highly Embedded C3
![Page 5: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/5.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
5
Project (cont)• Size
– Tactical Software 200,000 sloc– Support Software 300,000 sloc
• Why Easy– Strongly typed– Compile-Time checks
• Why Hard– Lack of experienced programmers– Extensive training necessary
![Page 6: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/6.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
6
Project (cont)
• Comparisons (Ada vs. xyz)– Fewer dumb errors– More robust runtime code– Higher reliability (with same compiler)– More automated testing
• Lessons Learned– Advantage for multiple development groups– Limit language usage– Most errors found at compile time– Identify interfaces early in project
![Page 7: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/7.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
7
Sr Software Engineering Manager
Lockheed Martin Tactical Defense Systems
Eagan, MN
Bill Rusinak
![Page 8: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/8.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
8
• Application: Military embedded systems (Maritime Surveillance Aircraft (MSA))
• Projects are real-time applications
• Experience: 23 years (12 years with Ada)
• Lockheed Martin TDS is CMM level 4, ISO 9001
• Platforms: Sun/Unix host development targeted to several platforms (Motorola 680x0, PowerPC)
![Page 9: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/9.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
9
Ada Experiences in MSA• Lockheed Martin Eagan supplies mission software for
almost all of the world’s P-3 aircraft (US Navy, Japan, Australia, Norway, the Netherlands)
• Replacement of 1970’s vintage hardware and software began in 1989 with the US Navy– First system had 3 Motorola 68030 processors
– Mission and System Test software rewritten (Ada 83)
– Evolving (e.g., X-Windows, Sparc)
• Ada software is 1 to 1.2 million lines of non-comment, non-blank code
![Page 10: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/10.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
10
Positive Experiences• Ada tasking was used without problem
– Task deadlocks were never encountered due to application of good design methodology
• Use of separates promotes design
• Ada code usable as PDL
• Original architecture has been flexible– Ported to different hosts– Maintained through different toolsets– Maintained by several customers
![Page 11: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/11.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
11
Negative Experiences• Task stack sizing is risky in a limited memory
system (only your linker knows for sure)
• Exceptions happen when you least expect them – it is easy to leave a semaphore seized
• Separates increase compilation time– Use a “de-separatizer”
• Overloading of names can be confusing
• Over and under use of types and exceptions– Takes experience to find the middle ground
![Page 12: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/12.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
12
Negative Experiences
• Ada 83 lacking protection mechanisms and multi-processor support
• Language needs space for stacks, exceptions, and can produce big programs
• Need more support/tooling
![Page 13: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/13.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
13
In General
• Define tasks up front
• Enforce concrete rules and use a few protection mechanisms
• Closely monitor dependencies during design
• Structure libraries properly
• Do it again (but with Ada 95)
![Page 14: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/14.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
14
• Senior Software Engineer, Navigation and Control Group, Advanced Technology Center
• Rockwell Collins400 Collins Road NE Cedar Rapids, Iowa 52498 319-295-6012
David W. Glessner
![Page 15: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/15.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
15
Software Engineering Experience• Rockwell Collins: Navigation systems
(commercial and military)
• Pre-Rockwell Collins: Commercial RF systems (broadcast radio and TV, paging)
• 15 years in software, last 3 with Ada. Most of the rest with C. Some Assembly.
• Target platforms: Mostly custom boards (AAMP, 68302, 68HC16, 8088, Z-80), some PCs. Various commercial and custom RTOSes.
• Development platforms: Unix (Sun, HP, DEC), Windows, VAX (using Apex RCI).
![Page 16: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/16.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
16
SNIPER/SUOSAS• Sensor Integration for robust navigation
– GPS, IMU, Loran, barometric altimeter, TDOA radio, vision.
– DARPA funded.
• Reused Ada software from earlier GPS/IMU projects.
• 80,000 LOC (38,000 non-comment non-blank)
• First exposure to Ada.
![Page 17: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/17.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
17
SNIPER/SUOSAS (cont)• Good:
– Package specs. Enumerations. Ranges.– Rational Apex. Rational Compilation Integrator (RCI).
• Bad: – Flaky hardware. – Tools. – Compile times. – Didn't "trust" the language. – Code bloat (possibly due to Ada 83 missing generic formal
packages or pointers to subprograms).
• Result: Successful field trials for both projects. SUOSAS continuing.
![Page 18: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/18.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
18
Various GPS-related projects(Commercial GPS, Artillery)
• Ada chosen on a DARPA project in 1980s due to DOD mandate. Based on earlier Jovial development. Some parts of software still have a Jovial "feel" e.g., "for ii in 1..10"
• 102,000 LOC (44,000 non-comment, non-blank)
• Analysis and modifications of some pretty complicated code.
![Page 19: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/19.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
19
Various GPS-related projects (cont)
• Good– Apex browsing!
– Types make modifications easier to analyze.
• Bad– Apex configuration control (Summit/CM).
– Cumbersome to see differences between versions. (Local policies probably contributed to this.)
• Results: Successful lab trials.
![Page 20: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/20.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
20
Automatic Dependent Surveillance – Broadcast (ADS-B)
• New development integrated with existing Traffic Alert and Collision Avoidance System (TCAS).
• ADS-B: 8,000 LOC (4,400 non-comment, non-blank)– similar amount for additional analysis and simulation
• Mixture of Apex Ada 95 (Sun host) and DDC Ada 83 (AAMP-based TCAS target).– developed mainly on the Sun
– late integration (risky, but worked quite well)
![Page 21: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/21.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
21
Automatic Dependent Surveillance – Broadcast (ADS-B) (cont)
• Good– Ada 95/83 portability. Ada 95 tasking.– GNAT for the PC.– Ada contributes to thoroughness; exposed some
algorithm weaknesses.
• Bad– Ada design flaw? “Cos(Long_Float(2.0*Pi/I))”
– Stack alignment bug during integration.
• Result: Successful flight tests with other vendors. Work continuing.
![Page 22: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/22.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
22
Elizabeth Theesfeld
6 Black Belt/Principal Software Engineer
HoneywellCommercial Aviation Products (CAP)
8840 Evergreen Blvd
Coon Rapids, MN 55433
(763) 957-3626
Commercial Aviation Products
![Page 23: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/23.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
23
Background Information
14 Years of experience in real-time embedded software for both Military and Commercial Avionics.
7 Years of experience with Ada.
Commercial Aviation Products
![Page 24: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/24.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
24
CAP has only one program developed in Ada Secondary Attitude and Air Data Reference Unit
(SAARU) for the Boeing 777 Aircraft 60,000 Lines of Code Real-Time embedded software on a 68040
processor Object Oriented Design using Booch Diagrams DO-178B Compliant
Commercial Aviation Products
![Page 25: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/25.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
25
Positives for using Ada at CAP Eliminated the need for software-software
integration Strong data typing Strong software architecture Was able to hand the program over to a new team
that did not work on the original development for airline updates with minimal impact
Negatives for using Ada at CAP Not many Ada programmers available
Commercial Aviation Products
![Page 26: October 4, 2001SIGAda 2001 Panel: Ada Experiences 1 Ada Experiences Panel Chair John McCormick, University of Northern Iowa Panelists Robert LockwoodAlliant](https://reader036.vdocument.in/reader036/viewer/2022062619/55199d875503464d068b4a6d/html5/thumbnails/26.jpg)
October 4, 2001 SIGAda 2001 Panel: Ada Experiences
26
Reliability of SAARU software in the field
The 777 was certified in 1995
To date we have had 0 software defects recorded
Commercial Aviation Products