Re: “My love-hate relationship with C”: Unfortunately for the software development industry, it seems like the inmates are running the asylum. An article in the September 2003 issue of IEEE Computer Magazine reported glowingly about “Building Better Software with Better Tools.” After repeating well-known recent problems with faulty software, the authors introduce the solution: “major vendors are now working on automating and improving the debugging process.” An associate I used to work with was fond of saying that if you're debugging now you had to be bugging earlier.
W. Edwards Deming, known for bringing quality improvement concepts to Japan following World War II, urges in the third of his 14 Points for Management to “Cease dependence on inspection to achieve quality. Eliminate the need for inspection on a mass basis by building quality into the product in the first place.”
I wonder why we are still widely using programming languages that easily permit defective software to be produced. The answers seem to be market popularity (everyone is jumping off the cliff so I will too); inertia (we can't find anyone who knows anything else); or that it is just plain more fun debug (and be late and over budget) than to do it correctly in the first place.
My goal is to learn Ada 95. My current employer has some projects using Ada, but I have not worked on any of them. A web site reporting results on the use of Ada and on development processes such the Software Engineering Institute's (SEI) Personal Software Process (PSP) and Team Software Process (TSP) is the CrossTalk Magazine archives . The SEI web site has information on the PSP and TSP along with reports of improved development results of projects using them.
For software that needs formal proof of correctness there is the SPARK 95 annotation language on top of a subset of Ada 95. It supports a concept called “correctness by construction.” (you can find information about this concept here and here). According to information on the web site, one large avionics project “showed that SPARK code — which had been subjected only to the first well-formation stage of analysis — had only one tenth of the residual anomalies as comparable full Ada and only one hundredth of those found in parts of the system written in C.”
We seem near the point in Internet use where e-mail programs and web browsers (and perhaps operating systems) are worthy of development practices that produce code of the highest integrity. Yet the market does not yet demand it. This is a sad state of affairs.