On 6 Dec 2014 at 8:46, Edward Diener wrote:
My last consulting job was for a company essentially doing "safety critical work" (they were periodically inspected/checked by the FDA). They felt that Microsoft's MFC and VC++ standard libraries were "safe" but I could not convince them that using Boost libraries was "safe". They were upset when they found bug reports against some Boost libraries, but evidently were not at all upset when I conversely pointed out bug reports against MFC and the VC++ compiler.

"Safe" in this context means there is someone to sue. It has a huge effect on insurance premiums if there is no one to sue; you can't securitise and package off the risk you see because of counterparty risk.

Also, "safety critical" isn't some nebulous adjective. It's rigorously defined in an IEC standard. And put simply, it means you cannot put software which has not been verified by someone recognised by insurers into a safety critical system. That, perversely enough, can mean that stonking pieces of known crap closed source software can be allowed in, while almost all open source is almost always excluded because its review processes aren't recognised by insurance.

There are occasional exceptions; for example, with SQLite3 someone paid for a full SIL verification and analysis, so it gets in. Its unit test suite really is the gold standard for computer software; it's *amazing*. And compared to SQLite3's testing, we here in Boost are in the stone age - but then we are nothing like as well financed.

Niall

--
ned Productions Limited Consulting
http://www.nedproductions.biz/
http://ie.linkedin.com/in/nialldouglas/