Re: [xsl] Is there an XSLT/XPath processor good enough to use in life-critical applications?

Subject: Re: [xsl] Is there an XSLT/XPath processor good enough to use in life-critical applications?
From: "Michael Kay mike@xxxxxxxxxxxx" <xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 15 Nov 2019 17:06:41 -0000
Hardware fails randomly: it's meaningful to talk about the probability of
failure.

Sofware fails predictably. With very rare exceptions, a program either works
correctly every time, or it never works at all. Probability of failure is
therefore a meaningless concept. (The main exceptions are (a) multithreading
effects, and (b) when the program is supplied with abnormal input.)

Of course, all software has bugs, and that includes XSLT/XPath processors.
Bugs in a compiler don't usually have a serious effect on safety-critical
systems because nearly all compiler bugs are found while developing and
testing the user application; they don't suddenly spring into life in the
middle of the night when the patient is on the operating theatre.

(I remember a three-day trial of a mainframe operating system prior to
release. The success criterion was that it achieved a mean time between
failures above 24 hours. In the event there were 3 failures over 72 hours.
They were all caused by the operator loading a particular deck of cards upside
down. After three crashes he realised his mistake, and didn't do it again.
What was the probability of that happening?)

Michael Kay
Saxonica

> On 15 Nov 2019, at 12:09, Costello, Roger L. costello@xxxxxxxxx
<xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> Hi Folks,
>
> Are you using XSLT/XPath in a life-critical application such as controlling
a nuclear power plant or controlling an aircraft flight system?
>
> Can an XSLT/XPath processor be relied on to always return the correct
results when given a valid XSLT/XPath program and a well-formed XML document?
Is it possible to quantify or bound the correctness of an XSLT/XPath
processor? Is there an XSLT/XPath processor that limits the probability of
getting an incorrect result to 10**(-9)?
>
> /Roger

Current Thread