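I hadn't planned to write about Java and AutoTrac 3 again for the time being. But the Hong Kong Java User Group crowd know no more than I do, and yet they copy others in denouncing people. I used Java from university until I stopped a few years ago, and I have some aviation background myself. I think I need to raise further questions, so that a bunch of guys who put evangelism above everything else don't get to enjoy themselves so much doing the CAD's fighting for it.
Safety-Critical Java and AutoTrac 3
Aviation-related applications are generally treated as safety-critical applications. To move into this field, Java has separate Java standards and JVMs that serve this purpose. The standard is called the Safety-Critical Java Technology Specification, and many aviation people know what it is. When people say the military uses Java, those Java programs follow this standard, not ordinary Java.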
Safety-critical systems can be defined as systems in which an incorrect response or an incorrectly timed response can result in significant loss to its users; in the most extreme case, loss of life may result from such failures. For this reason, safety-critical applications require an exceedingly rigorous validation and certification process. Such certification processes are often required by legal statute or by certification authorities. For example, in the United States, the Federal Aviation Administration requires that safety-critical software be certified using the Software Considerations in Airborne Systems and Equipment Certification (DO-178B or in Europe, the ED-12B) standard controlled by an independent organization.
The development of certification evidence for a software work-product used within a safety-critical software system is extremely time-consuming and expensive. Most safety-critical software development projects are carefully designed to reduce the application size and scope to its most minimal form to help manage the costs associated with the development of certification evidence. Examples of the resulting restrictions may include the elimination or severe limitations on recursion and the rigorous and careful use of memory, especially heap space, to ensure that out-of-memory conditions are precluded.
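- Why did Hong Kong's Civil Aviation Department let a system that clearly does not meet the requirements of safety-critical systems go live? What went wrong with the process?
- Is the JVM used by AutoTrac 3 one written to the SCJ standard? Only a few JVMs in the industry meet this requirement, so why has this not been explained?
- The SCJ standard explicitly says "to ensure that out-of-memory conditions are precluded", so why did things go wrong at 2.5GB?
In particular, the DO-178B Level A requirement states: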
Level A: Software whose anomalous behavior would cause or contribute to a failure of system function resulting in a catastrophic failure condition for the aircraft. A catastrophic failure is one which would prevent continued safe flight and landing.
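AutoTrac 3 already fails Level A. I don't understand how it still got through.
And many Java evangelists say that Java has garbage collection. That does not suit programs written to the SCJ standard, because SCJ uses Real-time Java: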
The following defines the requirements for the SCJ memory model that enables object creation without requiring garbage collection, avoiding memory fragmentation, and without a need to explicitly free memory:
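To make the quoted requirement concrete, here is an added illustration (not from the SCJ specification, the original post, or AutoTrac 3) of a fixed-budget, scope-style region emulated in plain Java. It does not use the `javax.safetycritical` API; every class and method name in it is hypothetical, and the track values are constructed.

```java
// Added illustration in plain Java; this is NOT the javax.safetycritical API.
// All class and method names here are hypothetical.
import java.util.function.Supplier;

public class ScopedRegionDemo {
    /** Mutable record reused for every track update (constructed sample type). */
    static final class Track {
        int id; double lat, lon;
    }

    /** Fixed-capacity region: every object it will ever hand out exists after construction. */
    static final class Region<T> {
        private final Object[] slots;
        private int next = 0;

        Region(int capacity, Supplier<T> factory) {
            slots = new Object[capacity];
            // The only place region objects are created: once, at initialization.
            for (int i = 0; i < capacity; i++) slots[i] = factory.get();
        }

        /** Hands out the next preallocated object; the budget is checked, never grown. */
        @SuppressWarnings("unchecked")
        T take() {
            if (next == slots.length)
                throw new IllegalStateException("region budget exceeded");
            return (T) slots[next++];
        }

        /** Leaving the scope reclaims everything at once: no free(), no GC, no fragmentation. */
        void exit() { next = 0; }

        int used() { return next; }
    }

    public static void main(String[] args) {
        Region<Track> perCycle = new Region<>(4, Track::new); // budget fixed up front
        for (int cycle = 0; cycle < 3; cycle++) {
            for (int i = 0; i < 4; i++) {
                Track t = perCycle.take();
                t.id = cycle * 4 + i; t.lat = 22.3; t.lon = 113.9; // constructed values
            }
            System.out.println("cycle " + cycle + " used " + perCycle.used() + " of 4");
            perCycle.exit(); // whole region reclaimed in constant time
        }
        try {
            for (int i = 0; i < 5; i++) perCycle.take(); // fifth request exceeds the budget
        } catch (IllegalStateException e) {
            System.out.println("rejected deterministically: " + e.getMessage());
        }
    }
}
```

The point of the pattern is that the worst-case memory demand is a number fixed at initialization and checkable before deployment, rather than something discovered when a heap fills up in operation.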
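On this matter, I will carefully consult people in aviation again. I am not saying Java cannot be used in the aerospace field at all, but for DO-178B Level A or B applications it would be used very conservatively. The Civil Aviation Department has definitely made mistakes, but SCJ as a technology has only been developed over roughly the last ten years. Is using it for ATC too bold? That is worth everyone thinking about.
Afterword: From today, Stand News and Hong Kong In-Media are blacklisted by this blog, and any comment from the Hong Kong Java User Group will definitely be blocked. On this matter there is no room for dialogue. It proves that these people don't know the subject themselves and still scold others for not knowing it. If they had known early on what Real-Time Java or Safety-Critical Java is, I might not have chosen to go to war with them. People who can't tell what matters on a major issue and don't really know the subject, I have no need to teach.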