Imitating the big developers' process
Blame the tidal forces of rapid technological change. Vision Systems Ltd. of Australia realized that to keep its video security system competitive and maintain a healthy bottom line it needed to imitate the big software developers' process. As part of the change, its Vision Products ADPRO division switched from C to Ada95 for two of its products. The division, which specializes in the design, manufacture, and sales of video security equipment, cut five months of testing from its newest video security system, and tabulated a savings of over ninety percent in debugging time.
Vision Systems' new product, the ADPRO Amux-20CD, is an advanced video multiplexing system that records images from up to twenty cameras onto a single VCR tape. The Amux (Advanced Multiplexer) offers operators control of the twenty cameras from one monitor, which can display as many as sixteen cameras simultaneously on one screen.
The security system is passive: it does not prevent crime but records if it occurs, and can be used to tape and find suspects. The picture quality and update rate are excellent, and are currently installed in a hundred sites, including a U.S. banking group.
Demand for such systems has always been brisk, and is currently enormous. According to Simon Heath, Product Development Manager, Vision Systems is following the lead of such software developers as Motorola, Hewlett-Packard, and Boeing. The company realized that its process could not improve without a baseline for defect rates, lines of code per day, etc. As a result, Heath has at his fingertips comparisons between its new product in Ada, and the last two years of
Amux's C code.
"We enter all our errors in PVC Tracker," Heath explained, "which tabulates how long it takes to fix them, and then compare them with our history." The company chose Ada because it is a strongly typed language, and therefore enforces a more rigorous compiletime check on the interfaces between software modules. "With larger development teams, it's usually the integration phase which is the most time consuming," Heath said. "with Ada we had very few problems in this area."
The division found that just ridding the software of C's undefined pointers and array index out of bounds errors translated into a significant savings, as these were traditionally the most time-expensive errors to find. In Ada, engineers found one error every 270 lines, compared with C, which recorded one bug every eighty. The time spent fixing error rates plummeted from a traditional four hours to twenty minutes.
Oranges vs. Oranges
"We don't believe it's that good," Heath admits. When forced into a C implementation for software
that directly controlled the processor, the software engineers often ran into harder-to-fix errors.
"I'd like to normalize the comparison to oranges vs. oranges," Heath said. "No question, however,
that by switching to Ada, we have substantially reduced our debug time."
Surprisingly, writing a line of Ada did not require any more time than writing a line of C.
When the ADPRO division spent fewer hours finding errors, Ada therefore realized a net savings for them, or a pure profit.
Also, the company changed its process to one of team responsibility instead of depending on one or two individuals. As a result, they needed Ada's more rigorous compile-time checking for testing elements developed by more than one person. This resulted in a second tier of savings in developing the new video security system: shorter test times.
"The last product took nine months to test," Heath said. "The Amux was tested from Sept. 1 to Dec. 24, or in less than half the time." The company plans to slice the test time for the next version of Amux again almost in half. "We hope to get at least fifty percent reuse," Heath said. Only with Ada did his division begin to plan for reuse. "Half your code is tested, effectively, and doesn't need to be retested."
The AMUX software was a generational change from an Intel 80186-based processor to a higher-end Power PC; from C to Ada95; and to a real-time operating system (RTOS). Heath reports quite positive experiences with Green Hills AdaMULTIŽ development environment, hosted on Solaris Unix, and targeted to VxWorks, WindRiver Systems' RTOS. Part of AdaMULTI, an Ada95 cross compiler maps the language's standard tasking constructs directly onto VxWorks' real-time features. AMUX is thus more portable, and Vision Systems less vulnerable to RTOS vendors' pricing whims.
Finally, Heath says that the company wanted to use a validated product because of its first serious investment in development tools. "We needed a warm and fuzzy feeling that the tools were reliable," Heath admits. "We can't get validation for C but can for Ada, and so it's some comfort that the integration between the compiler and the tools worked."