Subject: Re: [boost] Use of boost in safety critical work
From: Christopher Kormanyos (e_float_at_[hidden])
Date: 2014-12-09 16:21:18


>>> I am currently considering a job which involves embedded safety critical.
>>> It is for a neonatal ventilator so the safety critical aspect really is
>>> critical rather than just 'jolly important'. The company says the
>>> development will be in C++ but they have not even heard of boost, let
>>> alone use it. They introduced me to a new acronym, well new to
>>> me anyway: SOUP.
>>> It stands for Software of Unknown Pedigree. They classify boost as SOUP.

>> Hi Andrew, and everybody.
>> This is a so fruitful thread, full of information.

> Indeed. Many thanks to all those who have contributed so far.

>> Question to Andrew: what about the STL then, do they classify as SOUP
>> too? Or they have a verified implementation?

> The STL is suspect and they do classify it as SOUP. They do not have a
> verified implementation, they use the one that comes with Visual Studio
> 2008. Since it is viewed with suspicion only certain parts of it are used.

Hi Andrew and everyone,

Another option you might consider regarding the STL is to write your
own small subset of the STL. If you go this way, you must diligently
attempt to adhere to standards. Try as best as possible to verify
what you write with rigorous testing.

When writing non-certified subsets of the STL for microcontrollers,
I concentrate on those parts of the STL that reliably avoid dynamic
memory allocation and exceptions. It is amazing how far you can
get with:

* parts of <algorithm>
* <array>, but with exceptions not implemented for range-check
* <cstddef>
* <cstdint>
* <initializer_list>
* <iterator>
* <limits>
* <numeric>
* a subset of <tuple>, but without allocators and implemented with
limited parameter count, not variadic templates.
* parts of <utility>
* parts of <type_traits>
* if you really get crazy, <chrono>, <ratio>, and <condition_variable>
* and probably a few I forgot

You might find inspiration from Chapter 16 in my book below.

Real-Time C++ - Efficient Object-Oriented and Template Microcontroller Programming

You might also take a look at my (non-certified!) extremely-partial subset
of the STL below. It was originally written for GCC and Atmel(R) AVR(R)
8-bit microcontrollers. But I also have used it (or variations of it) with
other compilers such as IAR systems, Wind River and others.
Look in the directory "impl" for coding details.

https://github.com/ckormanyos/real-time-cpp/tree/master/ref_app/src/util/STL
Cheers, Chris
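
An added example (not code from the post above or from the real-time-cpp repository) of the kind of exception-free <array> subset the list describes; the clamp-and-flag behaviour of at() is an assumption made here for illustration, not the policy of any implementation named in the thread:

```cpp
// Added example, not code from the post or the real-time-cpp repository.
#include <cstddef>
#include <cstdint>

namespace mcu_stl {

// Sticky fault flag set when at() sees an out-of-range index (assumed policy;
// a real system would route this to its fault handler).
inline bool& range_fault_flag() { static bool flag = false; return flag; }

// Tiny <array>-like container: plain aggregate storage, no heap, no exceptions.
template<typename T, std::size_t N>
class array {
  static_assert(N > 0, "zero-sized array is not supported");
public:
  T elems[N];

  constexpr std::size_t size() const { return N; }
  T* begin() { return elems; }
  T* end() { return elems + N; }
  const T* begin() const { return elems; }
  const T* end() const { return elems + N; }
  T& operator[](std::size_t i) { return elems[i]; }  // unchecked, as in std::array
  const T& operator[](std::size_t i) const { return elems[i]; }
  T& at(std::size_t i) {  // range-checked, but never throws
    if (i >= N) { range_fault_flag() = true; i = N - 1; }  // clamp to last element
    return elems[i];
  }
  void fill(const T& v) { for (T& e : elems) e = v; }
};

}  // namespace mcu_stl

// Four constructed sensor readings summed with a range-for (no heap, no <numeric>).
std::uint32_t sum_of_readings() {
  const mcu_stl::array<std::uint16_t, 4> readings = {{10, 20, 30, 40}};
  std::uint32_t total = 0;
  for (std::uint16_t r : readings) total += r;
  return total;  // 100
}

// at(7) on a 4-element array: fault flag raised and the last element returned.
bool out_of_range_at_is_clamped_and_flagged() {
  mcu_stl::array<std::uint16_t, 4> readings = {{10, 20, 30, 40}};
  mcu_stl::range_fault_flag() = false;
  const std::uint16_t v = readings.at(7);
  return mcu_stl::range_fault_flag() && v == 40;
}
```

Because nothing in it throws or allocates, the block builds unchanged with -fno-exceptions, which is the property the list above is after.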
 

On Tuesday, December 9, 2014 1:06 PM, Andrew Marlow <marlow.agents_at_[hidden]> wrote:

On 9 December 2014 at 11:57, dgutson . <danielgutson_at_[hidden]> wrote:

> On Fri, Dec 5, 2014 at 6:37 AM, Andrew Marlow <marlow.agents_at_[hidden]>
> wrote:
> > Hello fellow boosters,
> >
> > I am currently considering a job which involves embedded safety critical.
> > It is for a neonatal ventilator so the safety critical aspect really is
> > critical rather than just 'jolly important'. The company says the
> > development will be in C++ but they have not even heard of boost, let
> alone
> > use it. They introduced me to a new acronym, well new to me anyway: SOUP.
> > It stands for Software of Unknown Pedigree. They classify boost as SOUP.
>
> Hi Andrew, and everybody.
> This is a so fruitful thread, full of information.
>

Indeed. Many thanks to all those who have contributed so far.

> Question to Andrew: what about the STL then, do they classify as SOUP
> too? Or they have a verified implementation?
>

The STL is suspect and they do classify it as SOUP. They do not have a
verified implementation, they use the one that comes with Visual Studio
2008. Since it is viewed with suspicion only certain parts of it are used.

>
> Regarding the others, sorry for the spam, but I don't want to lose this
> opportunity: I'm pursuing the creation of a "C++ for embedded and
> real-time systems" Study Group within the Standard, so I'd like to
> invite interested people to join to the mailing list in order to
> participate in the discussions and in the proposals. For those
> interested, just email me privately.

Will do. Thanks for the heads up.

> Maybe, we could broaden the
> group's scope to include safety critical systems too (just thinking).
>
>  Daniel.
>

-- 
Regards,
Andrew Marlow
http://www.andrewpetermarlow.co.uk