Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site fortune.UUCP
Path: utzoo!linus!security!genrad!grkermit!masscomp!clyde!floyd!harpo!seismo!hao!hplabs!hpda!fortune!rpw3
From: rpw3@fortune.UUCP
Newsgroups: net.politics
Subject: Re: Re: Do: Re: Mi: BTL takes the lead - (nf)
Message-ID: <2021@fortune.UUCP>
Date: Fri, 16-Dec-83 04:06:46 EST
Article-I.D.: fortune.2021
Posted: Fri Dec 16 04:06:46 1983
Date-Received: Tue, 20-Dec-83 01:47:25 EST
Sender: notes@fortune.UUCP
Organization: Fortune Systems, Redwood City, CA
Lines: 47

#R:pucc-h:-36800:fortune:17300010:000:2347
fortune!rpw3    Dec 16 00:47:00 1983

Ada is not an order-of-magnitude improvement, precisely for the reasons
you have all been skirting: Programmers (you, me, the rest mostly) have
not been consistently using 1/10 of the intellectual tools we have NOW
to do good work. When was the last time you wrote a program of over 250
lines (excluding precompiled libraries) that compiled the first time and
ran the first time and had no reported defects after being actually used
by its target users for six months (DeMarco's criteria for a "zero defect"
program)?

Yet we (the general community of the "best" practitioners) know how to
do that routinely but for politics, old habits, and artificially tight
schedules. I have done it (on rare occasion). It is not easy, nor
comfortable, nor does it give instant feedback to the debugging addict.
It is called "disciplined programming" (since everybody misunderstood
Dijkstra's word "structured"), and its chief mark is the ability to
write down on paper a program and its "proof" of correctness.
(proof = "the cogency of evidence that compels belief by the mind
of a truth or fact" - Webster's 3rd)

The fact is, most people who tout Ada (or any other "solution") are
looking for a magic wand to avoid having to face the fact that
programming is HARD.  Since much evidence exists that fewer than 50% of
bugs are found before delivery of the software (including EACH failure
to compile perfectly as one bug), the characteristics listed in the
first paragraph above are exactly what is needed if [**net.politics**]
we wish to, for what ever reason, trust nuclear weaponry to software.
Except, instead of "250 line programs", please read 250,000 or 2.5M
line programs.

I cannot stress enough - we need not so much fancier tools as more
disciplined habits. Why, had I composed this message the way many
programmers code, I would be sending it out full of bugs, for in
reading it before sending, I found many correctly spelled wrong words!
(For example, "due" instead of "do".) As is, I will try to make a point
and send it out without passing it through 'spell'. It is late, I may
make a mistake, but at least I did my human best BEFORE running it
through the marvelous tools.

Rob Warnock

UUCP:	{sri-unix,amd70,hpda,harpo,ihnp4,allegra}!fortune!rpw3
DDD:	(415)595-8444
USPS:	Fortune Systems Corp, 101 Twin Dolphins Drive, Redwood City, CA 94065