Flying With Python (Strong versus Weak Typing)
Peter Hansen
peter at engcorp.com
Tue Mar 11 17:10:55 EST 2003
Mike Silva wrote:
>
> Alex Martelli <aleax at aleax.it> wrote in message news:<hkiba.49303$zo2.1483266 at news2.tin.it>...
> > ....isn't it obvious that it's totally
> > irrelevant to the system's overall safety whether the compiler has
> > performed the further smattering of semantically puny "verifications"
> > allowed by mandatory-declaration, stating-typing languages?
> >
> > Static typing makes it easier for the compiler to generate fast
> > code, and (depending also on other issues) may slightly enhance
> > programmer productivity by catching a small percentage of errors
> > a bit earlier than testing would catch them -- that's all. It has
> > no real bearing on safety issues for life-critical software.
>
> Is a factor of 100 difference in error rates of certified, fielded
> aviation software relevant?
>
> http://www.sparkada.com/downloads/Mar2002Amey.pdf
>
> (2nd page, 3rd column, re UK MoD analysis of DO-178B Level A software)
>
> Language (including, but not limited to, static typing) definitely
> makes a difference.
I don't think Alex was arguing that *language* does not matter at all,
just that the minimal extra verification provided by statically typed
languages does not much matter.
Anyway, the article doens't necessarily support the conclusion you
appear to be claiming (that static typing produced a factor of 100
improvement in error rates).
For one thing, it is comparing the SPARK results to common results
with Ada, which are then compared with common C results. C is
hardly on a par with Python as far as weak and strong typing goes
(though it is somewhat statically typed... when you avoid casting).
For another thing, the results came from not just a language, but the
approach used, including "semi-formal specifications", "thin-slice
prototyping of high risk areas" (i.e. "testing"), a "template-driven
approach" for boilerplate types of code, plus the static analysis
to which you appear to give all the credit.
Perhaps this quote summarizes it best: "Lockheed succeeded because
they had a strong process with an emphasis on requirements capture
and accurate specifications."
In other words, exactly what we've been saying.
(Disclaimer: I'm just rushing off to a meeting and having read the
whole thing, so I risk looking foolish for overlooking something
key to that article.)
-Peter
More information about the Python-list
mailing list