From: David Crocker (dcrocker(at)eschertech.com)
Date: Thu 05 Feb 2004 - 13:16:30 GMT
The only public specification for a C++ subset I am aware of is Embedded C++. This subset does not have safety as its prime objective, although its objectives include "to provide embedded systems programmers with a subset of C++ that is easy for the average C programmer to understand and use" and "Taking care not to produce unpredictable responses". However, it doesn't even have a MISRA-like set of rules to avoid unsafe constructs. It defines a language subset (mostly syntactic) and a few guidelines (which are mostly not to do with safety).

Although our formal methods tool generates code in a C++ subset, we do not yet publish a specification for the subset. However, we have made a start by publishing on our web site a matrix indicating compliance or otherwise with the MISRA C rules.

One tool vendor I spoke to recently has a set of C++ subsetting rules for static checking, but I don't know the details.

David Crocker
Escher Technologies Ltd.
www.eschertech.com
Tel. +44(0)1252 336565
Fax +44(0)1252 320954

-----Original Message-----
From: safety-critical-request(at)cs.york.ac.uk [mailto:safety-critical-request(at)cs.york.ac.uk] On Behalf Of Jolliffe Graham
Sent: 05 February 2004 09:32
To: safety-critical(at)cs.york.ac.uk
Subject: RE: [sc] FAA Object Oriented Technology in Aviation handbook public draft

I too would be interested in any info on a safe/safer subset of C++. I have an S-C FADEC system that has been certified by the FAA which uses C++. However, neither they nor the FADEC DA will tell me what this subset is. It leaves me somewhat sceptical that a robust safety argument has been employed.

Graham Jolliffe
Technical Assurance Manager, Safety and Software
gjolliffe(at)QinetiQ.com
Tel. 01980 662349
Fax 01980 663326