BS ISO/IEC TR 15942:2000
Current
The latest, up-to-date edition.
Information technology. Programming languages. Guide for the use of the Ada programming language in high integrity systems
Hardcopy , PDF
English
12-15-2000
1 Scope
1.1 Within the scope
1.2 Out of scope
2 Verification techniques
2.1 Traceability
2.2 Reviews
2.3 Analysis
2.3.1 Control flow analysis
2.3.2 Data flow analysis
2.3.3 Information flow analysis
2.3.4 Symbolic execution
2.3.5 Formal code verification
2.3.6 Range checking
2.3.7 Stack usage analysis
2.3.8 Timing analysis
2.3.9 Other memory usage analysis
2.3.10 Object code analysis
2.4 Testing
2.4.1 Principles
2.4.2 Requirements-based testing
2.4.3 Structure-based testing
2.5 Use of verification techniques in this technical
report
3 General language issues
3.1 Writing verifiable programs
3.1.1 Language rules to achieve predictability
3.1.2 Language rules to allow modelling
3.1.3 Language rules to facilitate testing
3.1.4 Pragmatic considerations
3.1.5 Language enhancements
3.2 The choice of language
4 Significance of language features for high integrity
4.1 Criteria for assessment of language features
4.2 How to use this technical report
5 Assessment of language features
5.1 Types with static attributes
5.1.1 Evaluation
5.1.2 Notes
5.1.3 Guidance
5.2 Declarations
5.2.1 Evaluation
5.2.2 Notes
5.2.3 Guidance
5.3 Names, including scope and visibility
5.3.1 Evaluation
5.3.2 Notes
5.3.3 Guidance
5.4 Expressions
5.4.1 Evaluation
5.4.2 Notes
5.4.3 Guidance
5.5 Statements
5.5.1 Evaluation
5.5.2 Notes
5.5.3 Guidance
5.6 Subprograms
5.6.1 Evaluation
5.6.2 Notes
5.6.3 Guidance
5.7 Packages (child and library)
5.7.1 Evaluation
5.7.2 Notes
5.7.3 Guidance
5.8 Arithmetic types
5.8.1 Evaluation
5.8.2 Notes
5.8.3 Guidance
5.9 Low level and interfacing
5.9.1 Evaluation
5.9.2 Notes
5.9.3 Guidance
5.10 Generics
5.10.1 Evaluation
5.10.2 Notes
5.10.3 Guidance
5.11 Access types and types with dynamic attributes
5.11.1 Evaluation
5.11.2 Notes
5.11.3 Guidance
5.12 Exceptions
5.12.1 Evaluation
5.12.2 Notes
5.12.3 Guidance
5.13 Tasking
5.13.1 Evaluation
5.13.2 Notes
5.13.3 Guidance
5.14 Distribution
5.14.1 Evaluation
5.14.2 Notes
5.14.3 Guidance
6 Compilers and run-time systems
6.1 Language issues
6.2 Compiler qualification
6.3 Run-time system
7 References
7.1 Applicable documents
7.2 Referenced documents
Gives a guide on the use of Ada when producing high integrity systems. It is usually the case when producing such applications that adherence to guidelines or standards has to be demonstrated to independent bodies. These guidelines vary according to the application area, nature of the risk involved or industrial sector.
Committee |
IST/5
|
DocumentType |
Standard
|
Pages |
60
|
PublisherName |
British Standards Institution
|
Status |
Current
|
This Technical Report provides guidance on the use of Ada when producing high integrity systems. In producing such applications it is usually the case that adherence to guidelines or standards has to be demonstrated to independent bodies. These guidelines or standards vary according to the application area, industrial sector or nature of the risk involved. For safety applications, the international generic standard is [IEC61508] of which part3 is concerned with software. For security systems, the multi-national generic assessment guide is [ISO CD 15408]. For sector-specific guidance and standards there are: Airborne civil avionics:[DO-178B] Nuclear power plants:[IEC880] Medical systems:[IEC601-4] Pharmaceutical:[GAMP] For national/regional guidance and standards there are the following: UK Defence:[DS 00-55] European rail:[EN50128] European security:[ITSEC] US nuclear:[NRC] UK automotive:[MISRA] US medical:[FDA] US space:[NASA] The above standards and guides are referred to as Standards in this Technical Report. The above list is not exhaustive but indicative of the type of Standard to which this Technical Report provides guidance. The specific Standards above are not addressed individually but this Technical Report is synthesized from an analysis of their requirements and recommendations. 1.1 Within the scope This Technical Report assumes that a system is being developed in Ada to meet a standard listed above or one of a similar nature. The primary goal of this Technical Report is to translate general requirements into Ada specific ones. For example, a general standard might require that dynamic testing provides evidence of the execution of all the statements in the code of the application. In the case of generics, this is interpreted by this Technical Report to mean all instantiations of the generic should be executed. This Technical Report is intended to provide guidance only, and hence there are no \'shalls\'. However, this Technical Report identifies verification and validation issues which should be resolved and documented according to the sector-specific standards being employed. The following topics are within the scope of this Technical Report: the choice of features of the language which aid verification and compliance to the standards, identification of language features requiring additional verification steps, the use of tools to aid design and verification, issues concerning qualification of compilers for use on high integrity applications, tools, such as graphic design tools, which generate Ada source code which is accessible to users. Tools which generate Ada source code require special consideration. Where generated code may be modified or extended, verification of the extensions and overall system will be assisted if the guidelines have been taken into account. Even where modification is not planned, inspection and analysis of the generated code may be unavoidable unless the generator is trusted or \'qualified\' according to an applicable standard. Finally, even if generated code is neither modified nor inspected, the overall verification process may be made more complicated if the code deviates from guidelines intended to facilitate testing and analysis. Potential users of such tools should evaluate their code generation against the guidance provided in this Technical Report. 1.2 Out of scope The following topics are considered to be out of scope with respect to this Technical Report: Domain-specific standards, Application-specific issues, Hardware and system-specific issues, Human factor issues in the application (as opposed to human factors in the use of the Ada language which is in scope).
Standards | Relationship |
ISO/IEC TR 15942:2000 | Identical |
BS 7925-2:1998 | Software testing Software component testing |
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
ISO/IEC 15026:1998 | Information technology System and software integrity levels |
IEEE 610.12-1990 | IEEE Standard Glossary of Software Engineering Terminology |
EN 50128:2011/AC:2014 | RAILWAY APPLICATIONS - COMMUNICATION, SIGNALLING AND PROCESSING SYSTEMS - SOFTWARE FOR RAILWAY CONTROL AND PROTECTION SYSTEMS |
ISO/IEC 15291:1999 | Information technology Programming languages Ada Semantic Interface Specification (ASIS) |
SAE ARP 4754 : 2010 | GUIDELINES FOR DEVELOPMENT OF CIVIL AIRCRAFT AND SYSTEMS |
ISO 8402:1994 | Quality management and quality assurance — Vocabulary |
SAE ARP 4761 : 1996 | GUIDELINES AND METHODS FOR CONDUCTION THE SAFETY ASSESSMENT PROCESS ON CIVIL AIRBORNE SYSTEMS AND EQUIPMENT |
IEC 60880:2006 | Nuclear power plants - Instrumentation and control systems important to safety - Software aspects for computer-based systems performing category A functions |
BS 7925-1:1998 | Software testing Vocabulary |
ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
IEC 61508-1:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements (see Functional Safety and IEC 61508) |
ISO/IEC 8652:2012 | Information technology — Programming languages — Ada |
IEC 60601-1-4:1996+AMD1:1999 CSV | Medical electrical equipment - Part 1-4: General requirements for safety - Collateral Standard: Programmable electrical medical systems |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.