
Java Becoming Solution for Safety-Critical Applications

August 16, 2007 — 
Safety-critical applications—such as those that let an aircraft fly on autopilot—have long been written in Ada or C/C++. But now Java appears poised to become the language of choice for developing software that cannot afford to fail.

“The industry wants to leverage mainstream technologies for safety-critical development efforts,” said Kelvin Nilsen, chief technology officer for Aonix, which released PERC Pico, its safety-critical Java offering earlier this year. Writing such applications in Java provides technical advantages compared with developing them in C/C++, he said. “C and C++ expose the programmer to vulnerabilities that made the code difficult to maintain and certify. Those languages were not designed for safety-critical applications.”

But Ada was. And if it falls out of favor for safety-critical development efforts, it is not because the language isn’t up to the task, Nilsen said. “Ada is technically strong for safety-critical. It was designed for that purpose.”

But fewer and fewer developers are skilled in Ada, which dates back to the early 1980s, and increasingly it is perceived as an older language, added Doug Locke, specification lead for the expert group working on Java Specification Request (JSR) 302, known as Safety Critical Java Technology.

Locke was engaged by IT consortium The Open Group to lead the JCP effort. “Technically there is nothing wrong with Ada. But if you have Ada on your resume, you will have trouble getting jobs.”

In practice, language decisions get made for reasons other than technical ones, noted Robert Dewar, president and CEO of AdaCore, which provides Ada tools and services. “Language choice has always been significantly a matter of personal taste and enthusiasm, and there are lots of Java enthusiasts around.”

AdaCore is a member of the JSR 302 expert group.

Comply Before You Fly
Locke said that JSR 302 is expected to reach completion by year’s end. The specification builds on the earlier Real Time Specification for Java (RTSJ), the result of JSR 1. RTSJ, among other things, devised a way for Java to carry out garbage collection—its scheme for managing memory allocation—without creating the unacceptable delays that real-time applications, such as those carrying out stock market transactions, cannot tolerate.

Real-time is also key for safety-critical applications, but they are further complicated by the need to comply with standards, such as DO-178B, which the Federal Aviation Administration depends on to certify systems that an aircraft relies on for operation. “You have to prove that the application will not throw exceptions it cannot handle,” said Locke. “That is the big issue we are dealing with.” Another challenge is making sure the code doesn’t become so complex that it is too difficult to certify, he said.

The expert group working on JSR 302 has faced political challenges as well. Two of its members—Aonix and German software firm aicas—have already delivered safety-critical Java offerings, and the decisions each has made in its products have influenced their views on how the specification should be implemented, Locke said. “It has caused some friction.” At issue is which set of assertions and corresponding static analysis mechanisms the specification should implement. “The dilemma for the group is how or whether to combine them,” Locke said.

Assertions are essentially the rules that specify how a safety-critical Java application guarantees it won’t fail.
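To make concrete what Locke's certification concern and the assertion rules above mean in practice, here is an added Java illustration; it is not code from the article, from JSR 302, or from any of the vendors named. The class, its method names and its sample data are hypothetical. The first method can let two unchecked exceptions escape, which is exactly what a DO-178B reviewer would have to rule out; the second states its preconditions as explicit checks and turns the failure into a value the caller must handle, so a static analysis can show no exception path exists.

```java
// Added illustration, not the article's or any JSR 302 vendor's code.
// Hypothetical sensor threshold lookup for a safety-critical controller.
public final class SensorTable {
    private final int[] thresholds;

    public SensorTable(int[] thresholds) {
        this.thresholds = thresholds;
    }

    // Before: a null table or an out-of-range channel raises an unchecked
    // NullPointerException or ArrayIndexOutOfBoundsException. Nothing in the
    // signature forces a caller to handle either, so a certifier cannot show
    // the application never throws an exception it cannot handle.
    public int thresholdUnchecked(int channel) {
        return thresholds[channel];
    }

    // After: every condition that could raise an exception is checked first,
    // and the failure is reported as a caller-supplied fallback value rather
    // than by throwing. The checks are the "assertions" a static analyser can
    // verify; the method has no exception path at all.
    public int thresholdChecked(int channel, int fallback) {
        if (thresholds == null || channel < 0 || channel >= thresholds.length) {
            return fallback;
        }
        return thresholds[channel];
    }

    public static void main(String[] args) {
        // Constructed sample data for the demonstration.
        SensorTable table = new SensorTable(new int[] {10, 20, 30});
        final int safeDefault = -1;

        System.out.println("checked, in range:  " + table.thresholdChecked(1, safeDefault));
        System.out.println("checked, channel 7: " + table.thresholdChecked(7, safeDefault));

        try {
            table.thresholdUnchecked(7);
        } catch (ArrayIndexOutOfBoundsException e) {
            // In a certified system this handler would have to be proven
            // present on every call path; the checked version needs none.
            System.out.println("unchecked version threw " + e.getClass().getSimpleName());
        }
    }
}
```

Returning a fallback is only one way to remove the exception path; the point is that the caller is forced to deal with the out-of-range case as ordinary control flow, which is what makes the absence of unhandled exceptions something a tool can check rather than something a reviewer must argue.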

When asked whether Aonix’s contributions to JSR 302 are biased, Nilsen said, “We certainly have our opinions on what the spec should look like. Every company has a bias. But we will find some common ground, and the specification will standardize that, leaving room for vendors to augment the spec,” he said. “That is the nature of the marketplace.”

Safety-critical development efforts are moving increasingly into the Java arena, but that doesn’t mean enterprise Java programmers are necessarily qualified to write them, said AdaCore’s Dewar. “An argument you will also hear is that it is easier to find Java programmers than Ada programmers. This is quite true, but irrelevant.”

What is needed for building safety-critical systems are engineers trained in the techniques of safety-critical systems, he said. Nilsen didn’t disagree. “It’s not so much you can repurpose the Java developer [for safety-critical applications] but you can repurpose a lot of software created around the Java platform,” he said.



Comments

07/23/2009 04:35:15 AM EST

Java is easier to learn and code than Ada. That's why new programmers are coming to Java rather than Ada. Also, since more applications are developed in Java, people learn it to get jobs. Though real-time application development skill is NOT the same as normal business application development, the developers of the RTSJ (Real-Time Specification for Java) forum will think about and develop such a JSR. How do you people see "Testing of avionics applications in Java" as a challenge?

IndiaKarthi