status of Programming by Contract (PEP 316)?

Carl Banks pavlovevidence at gmail.com
Sat Sep 1 22:28:33 EDT 2007 

On Sat, 01 Sep 2007 08:38:38 -0300, Jorge Godoy wrote:

> Carl Banks wrote:
> 
>> This is starting to sound silly, people.  Critical is a relative term,
>> and one project's critical may be anothers mundane.  Sure a flaw in
>> your flagship product is a critical problem *for your company*, but are
>> you really trying to say that the criticalness of a bad web search is
>> even comparable to the most important systems on airplanes, nuclear
>> reactors, dams, and so on?  Come on.
> 
> Who said they were the same? 

The word I used was "comparable".

> I said that just because it doesn't take
> lives it doesn't mean it isn't important.  I wasn't going to reply to
> not extend this, but this misunderstanding of your was bugging me.

Well, I wasn't talking about "importance", actually.  Importance is 
really a matter for sociologists.  Perhaps you can find a sociologist who 
would agree that a health monitoring system is more important than an 
aircraft control system (probably wouldn't be too hard, actually, 
especially if it's a military aircraft).  I could hardly argue with that.

But, frankly, importance to society is only a small part of what 
determines criticalness of the application; and criticalness is what 
factors into a decision on what programming language to use.  Here are 
some of the main factors that determine criticalness:

How much time is there between failure and catastrophe?  What is the cost 
(societal and/or economic) of a catastrophe?  How recoverable is a 
failure?  What is the degree of difficulty of the programming?  Do small 
errors accumulate?  How many government regulations does the code have to 
meet?  What is the acceptable failure rate before an application is 
allowed to deploy?  How much money is being spent to ensure flawless 
operation before it even deploys?

By these criteria, Google web search, your health monitoring system, a 
bank transaction system, etc., hardly compare to something like aircraft 
control.  I'm sorry.


> I use Python on systems that deal with human health and wrong
> calculations may have severe impact on a good sized population.  Using
> Python.

Cool. Not that, by itself, would be enough to make me feel good about 
Python on airplanes.


> As with nuclear reactors, dams, airplanes and so on we have a lot of
> redundancy and a lot of checkpoints.  No one is crazy to take them out
> or even to remove some kind of dispositive to allow manual intervention
> at critical points.

Really?  I must work with crazy people then, because we are working on a 
full authority control system: no bypassing the computer, no manual 
intervention.


Carl Banks

More information about the Python-list mailing list