Subject: Re: [boost] Use of boost in safety critical work
From: Christopher Kormanyos (e_float_at_[hidden])
Date: 2014-12-06 11:40:09
>> I am currently considering a job which involves embedded
>> safety critical. It is for a neonatal ventilator so the safety critical
>> aspect really is critical rather than just 'jolly important'.
>> The company says the development will be in C++ but
>> they have not even heard of boost, let alone use it. They
>> introduced me to a new acronym, well new to me anyway: SOUP.
>> It stands for Software of Unknown Pedigree. They classify
>> boost as SOUP.
> I think this is plain wrong.
This is an interesting topic.
I am a guy who uses Boost, writes Boost, and works intensely on safety-critical embedded systems --- just not at the same time.
My advice is that you familiarize yourself with the culture at the potential job. Questions to ask are things such as:
* Does the software require adherence to quality standards such as SPICE?
* Do the products (and subsequently the software development)require adherence to safety standards such as ISO 26262?
* Will the software development be audited regarding its quality?
* Do you need to have traceability from source code to test case?
* Is C++ even allowed?
* Will the development use dynamic memory allocation?
* Will the development use exception handling?
* What size of project are you talking about?
* Will an underlying OS be running such as embedded *nix, or will you be programming "on-the-metal"?
Answering some of these questions should provide a basis for deciding to use non-certified software such as Boost.
Sometimes all it takes is a list documenting the use of non-certified freeware in order to defend its use in an audit-type situation. Testing, traceability and test coverage subsequently validate the tool in the product.
On Saturday, December 6, 2014 12:12 PM, Paul A. Bristow <pbristow_at_[hidden]> wrote:
> -----Original Message-----
> From: Boost [mailto:boost-bounces_at_[hidden]] On Behalf Of Andrew Marlow
> Sent: 05 December 2014 09:38
> To: boost
> Subject: [boost] Use of boost in safety critical work
> Hello fellow boosters,
> I am currently considering a job which involves embedded safety critical.
> It is for a neonatal ventilator so the safety critical aspect really is
> critical rather than just 'jolly important'. The company says the development
> will be in C++ but they have not even heard of boost, let alone use it. They
> introduced me to a new acronym, well new to me anyway: SOUP.
> It stands for Software of Unknown Pedigree. They classify boost as SOUP.
I think this is plain wrong.
Boost Libraries are all
1 Peer reviewed.
3 What you see is what you get - all the source code and tests and examples are
provided for you to do your own code review.
4 Provided with tests, often extensive.
5 Tested continuously on a variety of platforms.
6 In widespread use - bugs get found, reported and fixed (often quickly).
7 Community support.
> I have used boost before in embedded work but I have never done safety
> work before so I don't know how widely boost is used there. Can anyone who
> worked on safety critical stuff comment please?
Nearly all Boost libraries assume use of exceptions, so are unsuited to
applications that forbid exceptions, usually to meet hard real-time
(However as others have noted, it is usually only tiny parts of systems like
fighter planes and incubators that need to eschew exceptions - nearly all the
rest must use exceptions to achieve any sort of quality and function in
reporting and displays etc).
Of course, you will need to test your own complete systems, but you can use
Boost code with confidence.
PS If you buy software from other vendors, and look closely, you may find that
you get a bit of Boost anyway!