
Re: Java on mission-critical systems



Michael C. Alonzo (mikhz@pacific.net.ph) wrote To debian-java@lists.debian.org on Mon, Feb 18, 2002 at 09:40:15PM +0800:

> my class is doing a prototype of a call center, ala
> rescue 911... i suggested to them that we use Java but they
> are having doubts if java can be used in mission-critical systems.
> can someone cite a company or a corporation or some system that uses
> java in their mission-critical systems?

We use Java for map-based outage management in electric utility
operations centers. 

See http://www.partnersoft.com

With a few fairly simple additions to your
software (e.g. reliable logging, including catching all STDERR and
flushing your log files
on VM shutdown) you can capture all errors other than out of memory
and VM bugs. The various VMs have gotten very reliable; our system hub
software (used in our design/job management system) is routinely up
for weeks; it typically can stay up longer than the NT servers it
usually runs on. 

If uptime is an issue, be sure to watch memory usage over long periods
of time and system stress. You can still have memory leaks in Java
- just not as conveniently as C :-). 

I consider the following to be the critical factors in critical
systems:
1) no bugs in critical areas
2) hard separation between subsystems (including full try/catch
(Exception oops) to catch and log all errors generated by subsystems
and procedures such as saving files)
3) very reliable logging, including full stack trace
4) no chronic or long-term degenerative behavior, such as a memory leak
5) solid VM with no degenerative bugs or critical bugs of its own
6) good hardware/os substructure 

In general, (1) and (6) are a requirement for any implementation
language, (2), (3) and (4) are IMHO easier to achieve in Java than in
other languages. (5) is a Java-specific issue, but I've not had any
problems with 1.3 VMs as far as uptime or critical bugs. IBM 1.1.x for
Windows had some sort of degenerative bug I never found - it would
crash after a few days of uptime.

Our software isn't generally critical in the sense of someone's life being on
the line, or millions of dollars in cash; but it does help the
utilities get power turned on more quickly to people who may be
freezing/roasting to death in their homes etc., old people, etc. And
it does increase safety as far as letting the ops know where their
people are and aid analysis of which circuit is bad etc.

Having worked on toxic waste
cleanup analysis etc. I personally set a high standard on the word
"mission critical" - I consider that sort of thing to be like ATM
software (lots of money), heart monitors (loss of life), or
space-shuttle flight systems (both). Frankly, I wouldn't trust any
language for these kinds of systems; you have to have a really
seriously hard-core systematic approach to development that is totally
different from the usual hackery. And I absolutely would not deploy
such a system on a Microsoft OS or standard PC hardware, since neither
is reliable in any real sense of the word.

But, for more common levels of "mission critical" I think Java is
perfect. It insulates you from most common C bugs, it has better
self-knowledge (in terms of monitoring the VM from within, stack
traces, etc.) than most languages, and, very important for me, it adds
an insulation and abstraction layer over the OS that prevents me from
being caught (usually) by Windows bugs, since most of our clients run
Windows. 

So tell them to stuff it; I've been writing full-time in Java for six years now
and it's more than adequate for what you're describing.

-- 

Paul Reavis                                      preavis@partnersoft.com
Design Lead
Partner Software, Inc.                        http://www.partnersoft.com
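
An added example, not part of the original message and not Partner Software's code: one way to wire up the logging additions described above (capturing STDERR, flushing the log on VM shutdown, and a try/catch boundary around each subsystem that logs the full stack trace). The class name, method names and the `hub.log` path are hypothetical, and the sketch assumes Java 8 or later.

```java
import java.io.*;
import java.time.Instant;

public class ReliableLog {
    private static PrintWriter log;

    // One record per call; flushed immediately so a crash loses at most the current line.
    static synchronized void log(String msg, Throwable t) {
        log.println(Instant.now() + " " + msg);
        if (t != null) t.printStackTrace(log);   // full stack trace goes into the log
        log.flush();
    }

    /** Sink for System.err: every completed line becomes a log record. */
    static final class StderrToLog extends OutputStream {
        private final ByteArrayOutputStream buf = new ByteArrayOutputStream();
        @Override public synchronized void write(int b) {
            if (b == '\n') drain(); else if (b != '\r') buf.write(b);
        }
        synchronized void drain() {
            if (buf.size() > 0) { log("[stderr] " + buf, null); buf.reset(); }
        }
    }

    static void install(File file) throws IOException {
        log = new PrintWriter(new FileWriter(file, true));   // append across restarts
        StderrToLog sink = new StderrToLog();
        System.setErr(new PrintStream(sink, true));
        // Exceptions that escape a thread are logged instead of vanishing with the console.
        Thread.setDefaultUncaughtExceptionHandler(
            (th, e) -> log("uncaught in thread " + th.getName(), e));
        // On VM shutdown: emit any partial stderr line, record the shutdown, close the file.
        Runtime.getRuntime().addShutdownHook(new Thread(() -> {
            sink.drain();
            log("VM shutting down", null);
            log.close();
        }));
    }

    /** Hard boundary around one subsystem call: log the failure, keep the caller running. */
    static boolean runIsolated(String name, Runnable subsystem) {
        try { subsystem.run(); return true; }
        catch (Exception oops) { log("subsystem " + name + " failed", oops); return false; }
    }

    public static void main(String[] args) throws IOException {
        install(new File("hub.log"));   // hypothetical log path
        // Constructed failures to exercise the paths above.
        runIsolated("save-file", () -> { throw new IllegalStateException("disk full (constructed)"); });
        System.err.println("stray library warning (constructed)");
        runIsolated("map-refresh", () -> { /* succeeds */ });
    }
}
```

Catching `Exception` rather than `Throwable` leaves out-of-memory errors and VM faults outside the boundary, matching the limits the message states for this approach.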


