!standard H.00                                  03-10-23  AI95-00347/02
!standard 1.1.2(13)
!standard H.00(1)
!standard H.04
!standard H.04(2)
!class amendment 03-08-11
!status Amendment 200Y 03-10-23
!status ARG Approved 10-0-0  03-10-03
!status work item 03-08-11
!status received 03-08-11
!priority Medium
!difficulty Easy
!subject Title of Annex H

!summary

The name of Annex H is changed to High Integrity Systems to bring it in line with the term used extensively for these systems. Wording is introduced to make it clear that the Ravenscar profile is appropriate to high integrity systems.

!problem

Since 1995 the general term, high integrity systems, has become the standard way of identifying systems that have high reliability requirements and are typically subject to extensive amounts of static analysis. It subsumes terms such as safety and security. It is also true that the Annex does not identify any security-specific issues and hence the current title is somewhat confusing.

One possible reading of the Annex is that no tasking features should be used in high integrity systems. There is a need to explicitly refer to the Ravenscar profile in this Annex.

!proposal

The HRG proposes the following word changes. WG9 has sanctioned the change to the title of this annex (June 2003 meeting).

!wording

Change 1.1.2(13) to

   Annex H, "High Integrity Systems"

Change title of Annex H to

   High Integrity Systems

Change first sentence of H(1) to

   This Annex addresses requirements for high integrity systems (including safety-critical systems and security-critical systems).

Change title of H.4 to

   H.4 High Integrity Restrictions

Add the following sentence to the end of paragraph H.4(2)

   Pragma Profile(Ravenscar) applies in this Annex.

!discussion

(See problem.)

!example

Not appropriate.
!corrigendum 1.1.2(13)

@drepl
@xbullet<Annex H, "Safety and Security">
@dby
@xbullet<Annex H, "High Integrity Systems">

!corrigendum H.00(00)

@drepl
Safety and Security
@dby
High Integrity Systems

!corrigendum H.00(1)

@drepl
This Annex addresses requirements for systems that are safety critical or have security constraints. It provides facilities and specifies documentation requirements that relate to several needs:
@dby
This Annex addresses requirements for high integrity systems (including safety-critical systems and security-critical systems). It provides facilities and specifies documentation requirements that relate to several needs:

!corrigendum H.04(00)

@drepl
Safety and Security Restrictions
@dby
High Integrity Restrictions

!corrigendum H.04(02)

@drepl
The following restrictions, the same as in D.7, apply in this Annex: No_Task_Hierarchy, No_Abort_Statement, No_Implicit_Heap_Allocation, Max_Task_Entries is 0, Max_Asynchronous_Select_Nesting is 0, and Max_Tasks is 0. The last three restrictions are checked prior to program execution.
@dby
The following restrictions, the same as in D.7, apply in this Annex: No_Task_Hierarchy, No_Abort_Statement, No_Implicit_Heap_Allocation, Max_Task_Entries is 0, Max_Asynchronous_Select_Nesting is 0, and Max_Tasks is 0. The last three restrictions are checked prior to program execution. Pragma Profile(Ravenscar) applies in this Annex.

!ACATS test

No test is needed.

!appendix

From: Alan Burns
Sent: Monday, August 11, 2003  8:20 AM

Here is a new AI from HRG that proposes the change in the title of Annex H - is this the shortest AI?

[This is version /01 - ED]

****************************************************************

From: Robert A Duff
Sent: Monday, August 11, 2003  8:51 AM

Perhaps, but I doubt if it will engender the shortest discussion. ;-)

****************************************************************

From: Alan Burns
Sent: Monday, August 11, 2003  9:07 AM

That's OK - shortest discussion is usually 'no way, next AI'.
****************************************************************

From: Robert Dewar
Sent: Monday, August 11, 2003  9:16 AM

I am sure someone has pointed this out, but this means that H is now mnemonic (H for high integrity). That means the HRG can now consider itself the high integrity Ada rapporteur group

****************************************************************
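The following is an added illustration by the editor; it is not part of this AI, of the HRG's proposal, or of the standard's text. It shows the shape of tasking code that the revised H.4(2) wording admits under Pragma Profile(Ravenscar), next to the D.7 restriction set the same paragraph lists, so that the "no tasking in high integrity systems" reading discussed in the !problem section is seen not to follow. Everything in it is hypothetical: the package and object names (Monitor, Flag, Watchdog, Reporter), the priorities and the 100 ms period are invented, and the spec and body are assumed to be compiled as monitor.ads and monitor.adb with a separate main procedure that withs Monitor (a file-level configuration pragma, or the same pragma in gnat.adc, is assumed).

```ada
--  Configuration pragma: must precede the first compilation unit of the
--  compilation (RM 10.1.5).  Assumed here to sit at the top of monitor.ads.
--  With this in force, non-Ravenscar constructs (abort statements, select
--  statements, nested or dynamically created tasks, relative delays, more
--  than one entry per protected object) are rejected before execution.
pragma Profile (Ravenscar);

--  The D.7 set quoted in H.4(2) can be imposed directly instead.  It is left
--  commented out because Max_Tasks => 0 would make the two task declarations
--  below illegal; that rejection is the "checked prior to program execution"
--  behaviour the paragraph describes.
--  pragma Restrictions (No_Task_Hierarchy, No_Abort_Statement,
--                       No_Implicit_Heap_Allocation, Max_Task_Entries => 0,
--                       Max_Asynchronous_Select_Nesting => 0, Max_Tasks => 0);

with Ada.Real_Time;
with System;

package Monitor is

   --  One protected object with a single entry guarded by a simple Boolean
   --  barrier: the only entry shape Ravenscar permits.  Ceiling priority is
   --  stated explicitly so the locking policy is visible to a reviewer.
   protected Flag is
      pragma Priority (System.Priority'Last);
      procedure Raise_Alarm;
      entry Wait_For_Alarm;
   private
      Raised : Boolean := False;
   end Flag;

   --  Library-level tasks only (No_Task_Hierarchy, No_Task_Allocators).
   --  Each has a static priority and never terminates (No_Task_Termination).
   task Watchdog is
      pragma Priority (10);   -- hypothetical value
   end Watchdog;

   task Reporter is
      pragma Priority (5);    -- hypothetical value
   end Reporter;

end Monitor;

package body Monitor is

   use type Ada.Real_Time.Time;

   protected body Flag is
      procedure Raise_Alarm is
      begin
         Raised := True;
      end Raise_Alarm;

      entry Wait_For_Alarm when Raised is
      begin
         Raised := False;
      end Wait_For_Alarm;
   end Flag;

   task body Watchdog is
      --  Periodic release via absolute delay; Ravenscar forbids relative
      --  delay statements and Ada.Calendar, so Ada.Real_Time is used.
      Period : constant Ada.Real_Time.Time_Span :=
        Ada.Real_Time.Milliseconds (100);          -- constructed period
      Next   : Ada.Real_Time.Time := Ada.Real_Time.Clock;
   begin
      loop
         delay until Next;
         Flag.Raise_Alarm;    -- constructed stimulus for the example
         Next := Next + Period;
      end loop;
   end Watchdog;

   task body Reporter is
   begin
      loop
         --  Only one task ever queues here (Max_Entry_Queue_Length => 1).
         Flag.Wait_For_Alarm;
         null;   -- application handling of the alarm would go here
      end loop;
   end Reporter;

end Monitor;
```

The point of the pairing is the analysis surface: under the D.7 set every task and entry is rejected statically, while under the Ravenscar profile a bounded, statically known set of tasks and protected objects remains, with no abort, no select, no dynamic task creation and no implicit heap use, which is what makes the timing and data-flow analysis that the !problem section refers to tractable.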