Most embedded programming is done in C and C++. Many languages are used for embedded applications, from Java to Lua, but C dominates.
C’s popularity is no surprise. It’s easy to learn, and every platform has a C compiler. Most chip vendors deliver free tools built around C, and popular platforms like Windows and Linux are built using C.
So why would I advocate using Ada, a language that was designed for the military by committee?
Safety, security, and reliability are becoming more critical to more embedded developers than ever before. Minimizing bugs is key, and Ada does a better job at it than C and, to a lesser degree, C++. The new contract support in Ada 2012 is one of the advantages that give Ada an edge.
Making Ada Contracts
SPARK is a subset of Ada that originally exposed contract support. Ada 2012 implements contracts for function and procedures as well as for type definitions. The full support is extensive, so the example in the figure shows only the most simplistic aspects.
In particular, Ada 2012 allows pre-conditions and post-conditions. It can be used to check arguments, the current state of an object, and results. The S’Old reference in the post-condition refers to the initial value of variables when the function is entered.
C assert macros have been used in a similar fashion, but the implementation is non-standard. It is relatively easy to apply at function entry, though it can be significantly more difficult to implement consistently for post conditions.
Another significant difference is where the definitions and check occur. The Ada example resides in a header file, while a C assert-style macro would appear in the code hidden from programmers that would be referencing the header file. Ada’s pre-conditions and post-conditions essentially are contracts given by the function definer and used by programmers that utilize the function.
Ada’s Built-In Multitasking
Several features make Ada ideal for compact and efficient embedded applications. One is support for multitasking within the language. Java offers similar support, but C and C++ turn it over to the operating system (OS), making it difficult to migrate applications because they are now tied to a particular OS and possibly a particular version of that OS.
Ada also provides rendezvous interprocess communication and scheduling so it does not address all applications, but most can fit into its framework. Ada can work with most operating systems as well, and its multitasking can be integrated with a host OS.
Free Ada compilers and development tools are available, so checking Ada out doesn’t cost anything. It’s suprisingly easy to get started with Ada, although, like C and C++, becoming an Ada maven can take a while.
Ada tends to do a bit more checking compared to most languages like C. Some of these checks can be performed using C/C++ via static analysis tools (see “What’s New In Static Analysis Technology”). Standards like MISRA C can address some of the issues that Ada has built into the language.
If Ada doesn’t fit into your developer’s toolkit, then some of these tools will. Still, incorporating these features into the programming language has a significant impact in how applications are designed in addition to helping improve the quality of the code.
There are fewer Ada programmers than C or C++ programmers. Most did not start out with Ada as their first programming language, but they tend to hold it in high esteem. The more you know about it, the more useful it becomes.
Ada is not a silver bullet, but it is a better tool for developing reliable software. It supports object-oriented and generic programming methodologies that are now common.
There isn’t enough space here to really give Ada its due. (see “C Programmers, Time To Try Ada”). Ada experts have written more detailed articles. I suggest looking them up because if you don’t, your competitors will. Ada could give you the edge you need in the future.