I received the green postcard announcing that "Ada is Green", meaning that of the four candidates for Ada, the Green design had won. That was a long time ago.
The big problem in the early days was getting a compiler. DoD had a test suite for the compiler, and only compilers that passed could use the Ada name. They also had a "floor equals ceiling" rule - no missing features, no extra features. Compilers were to be feature-compatible.
That's how aerospace does things. The interface spec defines the interface. If something is incompatible with the interface, it's defective. It's why you can take Pratt and Whitney engines off a 767 and put on GE or Rolls Royce engines. DoD took the position that a compiler was a part with a specification.
Ada was a big language back then, and some of the compiler companies underestimated the job. Ada compilers were quite expensive - one for the M68000 was $40,000. I ordered that one when I was with a big aerospace company. When it showed up as a magnetic tape, it came with an unexpected cover letter, saying that this wasn't a validated compiler, and the validated compiler would follow - someday. No go. Quality control reject. Red tag attached: "REJECTED BY INCOMING INSPECTION - DOES NOT CORRESPOND TO SPECIFICATION". Purchase order says "validated compiler". Tape returned to vendor. Vendor tries to get out of giving refund. Legal department hammers vendor until they pay up. Meanwhile, another vendor ships a validated compiler, and that is ordered and used. That's how aerospace used to do things.
The compiler price was a big problem for non-Government customers. That contributed to the lack of adoption. We had great hopes for Ada, having used Modula successfully. But it was not to be.
I might be completely wrong here, but I get the feeling that thanks to the rising costs[0] of writing software in C and C++, alongside the availability of more approachable Ada compilers, its use has been raising.
At least it is a common presence at high integrity systems conferences, and being used in medical devices, avionics, robotics and train control systems.
From what I have been seeing at FOSDEM every year. AdaCore even had the opening keynote a few years back.
[0] bug fixing exploits, memory sanity tooling, research to improve the language, hardware changes (e.g. Intel MPX)
Yes, and those non-validated compilers, and even the validated ones, had lots of bugs. We had to get legal with a compiler vendor because of the number of bugs. This took disassembling the compiler on our end to prove our points.
"Ada is safe". Yes, if it outputs correct code. Otherwise, not so much. Lives were at stake here, and like you say, I'm not sure all the vendors were prepared for what that meant in terms of their product.
I really enjoyed working with Ada, but don't think I would want to go back to it today.
This is true to this day per IRONSIDES paper [1]. Made me consider using Ada as an executable specification language to be converted to equivalent C/C++ and compiled that way. They need to just do a functional implementation of the compiler in a language such as Ocaml with extensive testing. That's what Esterel did for SCADE generator. They said Ocaml compiler stages were easy to trace down to object code. So, that helps with the chicken and egg problem a bit. Alternatively, implement it in the VLISP, PreScheme, or VeriML that were formally verified for correctness.
The big problem in the early days was getting a compiler. DoD had a test suite for the compiler, and only compilers that passed could use the Ada name. They also had a "floor equals ceiling" rule - no missing features, no extra features. Compilers were to be feature-compatible.
That's how aerospace does things. The interface spec defines the interface. If something is incompatible with the interface, it's defective. It's why you can take Pratt and Whitney engines off a 767 and put on GE or Rolls Royce engines. DoD took the position that a compiler was a part with a specification.
Ada was a big language back then, and some of the compiler companies underestimated the job. Ada compilers were quite expensive - one for the M68000 was $40,000. I ordered that one when I was with a big aerospace company. When it showed up as a magnetic tape, it came with an unexpected cover letter, saying that this wasn't a validated compiler, and the validated compiler would follow - someday. No go. Quality control reject. Red tag attached: "REJECTED BY INCOMING INSPECTION - DOES NOT CORRESPOND TO SPECIFICATION". Purchase order says "validated compiler". Tape returned to vendor. Vendor tries to get out of giving refund. Legal department hammers vendor until they pay up. Meanwhile, another vendor ships a validated compiler, and that is ordered and used. That's how aerospace used to do things.
The compiler price was a big problem for non-Government customers. That contributed to the lack of adoption. We had great hopes for Ada, having used Modula successfully. But it was not to be.