EBERARD@USC-ECLB.ARPA (Edward V. Berard) (10/03/85)
I have good news and I have bad news. The good news is that DOD-STD-2167, the new DoD standard for software development (which supersedes DOD-STD-1679A (NAVY) and MIL-STD-1644B (TD)), does indeed address Ada technology. Specifically, in Appendix C of the copy I have (dated 4 June 1985), the following paragraph appears: "30.2 Applicability. This appendix contains design and coding standards generally applicable to all programming languages. However, it does not provide complete design and coding standards for some higher order languages with advanced capabilities (e.g., Ada, PROLOG, etc.). In such cases, the contractor should propose additions to this appendix in either the the SSPM or SDP (see Appendix D) and obtain contracting agency approval." The good news appears to get even better. There is a MIL-HDBK-287, the "Defense System Software Development Handbook." This handbook is currently under formal review and will supersede DOD-HDBK-281. The copy I have is dated 6 September 1985. On page 43 of MIL-HDBK-287, starting with paragraph 4.4.17, there is a discussion of "Use of Ada with DOD-STD-2167 and Associated Standards." Among other things, this paragraph says: "This language, because of its advanced constructs, needs its own set of coding standards, as well as an explanation of how it maps to DOD-STD-2167 terminology. Appendix B provides a general set of coding standards that can be implemented on all Ada programs. The mapping of DOD-STD-2167 terminology to Ada is as follows:" This is followed by four paragraphs which talk about the mapping of Ada program units to DOD-STD-2167 terminology. Those of you who have any kind of background in software development methodologies and Ada, should recognize the above as the beginning of the bad news. DOD-STD-2167 is oriented almost exclusively towards a functional decomposition approach to software development. This makes the use of modern software engineering technology particularly difficult. Object oriented approaches (e.g., Object Oriented Design ala Booch or Love) and modeling approaches (e.g., Jackson System Development) are far better for Ada software development than functional decomposition. (I know this is a strong claim, yet I, and others, can back it up with empirical evidence, if you are interested.) In addition, concepts like "design a little, code a little" and prototyping have proven useful in the software development process, yet they do not seem to fit within the rigid mold cast by DOD-STD-2167. (Yes, I know that clever Ada software developers can "work around" the restrictions imposed by DOD-STD-2167, but they should be able make use of sound software engineering methodologies in a straightforward manner without having to subvert the intentions of the DoD.) [It seems inconsistent that the same organization, i.e., the DoD, can sponsor both DOD-STD-2167 and METHODMAN I & II. The former would have been an excellent document in the late 1960s, and the latter documents at least get us to the early 1980s.] The bad news gets worse. A quick check of Appendix B in MIL-HDBK-287 reveals that the authors have an uneven knowledge of both Ada and software engineering. Consider the following direct quotes: "20.6.1.2 Loops without exits (i.e. a loop without a FOR clause, a WHILE clause, or a nested exit statement) shall be used only in task bodies. In general, an infinite loop is a programming error. However, in Ada they do find use in the body of a task that must continue its function as long as the program is running." [This is a strange restriction, especially given that Ada is intended to be used in real-time applications where infinite loops are far more common than in non-real-time applications. Yes, infinite loops will show up most commonly, *but not exclusively*, in task bodies.] "20.10 Tasking. Ada tasking shall be used to implement parallel processing. Ada provides tasking features to allow parallel processing to be expressed within the language." [This statement I find particularly confusing. Does the author mean that I should not attempt to implement parallel processing using some other feature of the language?] "20.10.4" A task shall not call its own entries. This will result in a deadlock situation." [I find this admonishment particularly insulting. Do they think that a professional software engineer would produce code which would attempt this, and that the testing of the software would be so slipshod as not to detect such a blatant error?] There is no mention of generics in Appendix B. Maybe the concept of data abstraction is foreign to the author(s). To be fair, there is some sound advice contained in Appendix B of MIL-HDBK-287. Concepts like information hiding and abstraction are mentioned and strongly suggested. I agree with many of the coding suggestions made in the appendix. However, the level of the discussion in Appendix B indicates that the author(s) has a strong background in a language other than Ada (possibly Pascal). Sadly, both DOD-STD-2167 and MIL-HDBK-287 treat Ada as "just another coding language with some 'advanced capabilities'" which must be mapped into the FORTRAN mindset. The bad news gets even worse. It is extremely difficult to introduce new software technology. Even with DoD Directive 5000.31, it is difficult to insert Ada technology within an organization. Particularly enlightened organizations have realized that the language by itself is not enough, i.e., it must be used in the context of modern software engineering technology to achieve maximum benefits. Organizations such as Magnavox and Ford Aerospace have made radical changes in their treatment of the software life-cycle to accommodate not only the Ada language, but methodologies like Object Oriented Design. These changes involve a great deal of time money and effort. These organizations, and others, have been frustrated when they find that their contracting offices only think of Ada as a programming language, and in fact *discourage* the use of modern software engineering. It is not only the DoD contractors who must be educated in the new technology. The contracting agencies themselves must be aware of, appreciate, and *accommodate* modern software engineering technology. The DoD is to be commended for attempting to bring order out of the chaos which all too often characterizes software development. However, the current solution (i.e., DOD-STD-2167) penalizes better solutions in favor of 1960s style software development methodologies. The solution to the problem is to develop a software development standard which is capable of recognizing a variety of superior development methodologies. -- Ed Berard [If you are wondering why you haven't heard about MIL-HDBK-287, the list of reviewers, which includes organizations like EIA, AIA, IEEE, NSIA, and SSQ, does *not* include ACM, SIGAda, or AdaJUG.] P.S.: If you are interested in doing something about DOD-STD-2167, positive or negative, you should contact the newest SIGAda working group: "DOD-STD-2167 Constraints Upon Ada-Oriented Methodologies." The point of contact is: Mr. Donald Firesmith Magnavox Electronic Systems Company Advanced Software Systems Department TC-10-C-3 D519 1313 Production Road Fort Wayne, IN 46808 (219) 429 - 4327 -------
macrakis@HARVARD.HARVARD.EDU (Stavros Macrakis) (10/14/85)
Agreed: Dod needs to do some work in making its software development standards reasonable. Agreed about functional decomposition vs. other approaches. I have never understood the structure of Dod software development standards, but I understand they are trying to incorporate prototyping and the like into at least one of these standards. 20.10 I believe this is intended to keep programmers from using the traditional method of making run-time executive calls. In the olden days (before Ada), real-time tasks typically were scheduled using such calls as call RepetitiveProcess(subroutine_name,time_interval) which would call the subroutine every so often. Note that the subroutine did not have a thread of control from one execution to the next, so all state information had to be kept in global variables. What 20.10 also appears to exclude, incorrectly, is the use of Ada tasks for coroutining (cf. Jackson -- but the technique goes back about 20 years before Jackson). As for Sadly, both DOD-STD-2167 and MIL-HDBK-287 treat Ada as "just another coding language with some 'advanced capabilities'" which must be mapped into the FORTRAN mindset. perhaps they are just being realistic. It is going to take many years of education (more than just training) to get old Fortran/Jovial/CMS-2 programmers into Ada-land. Isn't there some mechanism for commenting on 2167? -s