Draft API for safety-critical Java (subset of RTSJ and J2SE)

Introduction:

I apologize it has taken me so long to generate this javadoc.  I have been working on this in every spare moment for the past several weeks. I just don't have enough spare moments...

Here are some clarifications and explanations:

1. I used the Beta JDK 1.5 compiler to compile all of this code and to produce the javadoc.  I do not yet have any tools to validate consistency of the meta-data annotations. The intent is that a safety-critical Java byte-code verifier would provide this consistency checking.

2. There are a few bugs in the JDK 1.5 javadoc.  In particular:

   a) Annotations associated with parameters are not being displayed, and

   b) Annotations associated with constructors are not being displayed.

For both of these, I went back and inserted redundant comments into the corresponding javadoc commentary.  Another shortcoming of the 1.5 beta software is that mif-doclet has not yet been released.

3. I have not yet had time to scrutinize this source with a fine tooth comb.

There are likely to be errors and/or inconsistencies.  Please let me know if you turn anything up.  More detail is needed in many descriptions, especially those of the java.lang package.  In case it is not perfectly clear, my proposal is that the API described in the attached zip file represent the entire safety-critical Java platform.  Any library not described here is not "generally" available to safety-critical developers.

Individual vendors are free to supplement the platform with additional libraries if they choose to do so, but those additional libraries should be clearly distinguished from the "standard platform".

4. A careful reader of the draft spec raised the following question: In each of the following code fragments, what method(s) does the InvocationMode apply to?

  assert StaticLimit.InvocationMode(MyMode);

  x = y ? foo() : bar() + zot();

  assert StaticLimit.InvocationMode(YourMode);

  x = foo(bar(), zot());

This needs to be clarified.  I'm inclined to say that the effects of each InvocationMode assertion endure until a subsequent contradictory InvocationMode assertion. We can discuss when we next meet.

5. The same careful reader says: "It bothers me that some of the StaticLimit assertions apply to the next statement (e.g. InvocationMode) while others apply to the previous statement (e.g. ArrayLength).  This seems like an easy source of programmer errors."  We should discuss this as well. There is "good rationale" for the way things are currently specified, but maybe I have to do a better job of explaining it.

----

Kelvin Nilsen, Ph.D.

Chief Technology Officer

Aonix North America

877 S. Alvernon Way, Ste. 100

Tucson, AZ 85711

  520-323-9011, ext. 118 (direct), 520-991-6727 (cell), 520-323-9014 (fax)
