Well it all depends how 'hard' your real-time is. If you go with Atego/aonix, you can get down to almost-C-Ada-like latencies but be ready to change your java coding style. Sliced-time GC works OK until you put too much pressure on it (concatenating logging strings that you're not going to record or display... allocating tons of small objets for local uses... Programming in 'Classic' java...) and it can't clean up fast enough... In the end you code in a small and sad watered down subset of java... I mean : java is everything (almost, except for primitive types) on the heap ! Avoid java collections (use javolution or hppc-rt instead), avoid auto-boxing, no local allocation, no String concatenation, no Selector API ('select' in java nio...) because it allocates like mad... God help you if you need to stream some amount of data via TCP. And be prepared to spend some time to fine tune the GC. You also take a hit on performance and compilation time compared to hotspot (you need aot compilation for real-time, the java runtime seems not as optimised... Not as many man-decades of work on it).
All in all I'd rank it 'easier' than C in developer comfort and proficiency but frankly, if you don't do C, I'd just go directly to Ada...
I would just argue that un these domains 'Classical C' isn't used, given the constraints regarding language features, using stuff like MISRA-C and similar.
Fully agree with Ada comment, even better if using SPARK.
In any case, many military seem more focused on being easy to hire recruits that already know how to program than training them, hence the ramping up of Java adoption.
Well the argument seems to be that it's easier to hire 'experienced' java developers (hear: have 'java' on their resume...). But the people you get are for the most part either inexperienced (fresh out of school) or you have to break all their classic-java muscle memory. Not sure about the tradeoff here, when you compare training in Ada/SPARK.
You're right about Misra C. Even with Ada you'll end up banning dynamic memory allocation and some stack-exploding stuff, but you still have alternatives like storage pools ('looks-like-dynamic' memory allocation) and Controlled types, and at least you get a stack for structured data types and not just for primitive types...
It's called real-time, garbage collection. It occurs predictably on regular intervals before enough leaks happen to blow missiles up or whatever other tragedy. Aonix and some other vendors have had it for a long time now. Meanwhile, mainstream found out in the past, few years that Go could achieve "low-latency" garbage collection. The field can do more than many of them think given the countless person-years invested in so much GC research and product development. I can't even track all of the GC's especially once they started using genetic algorithms and such to automatically make them.
EDIT to add: It says "Ada" and "Rational." That's an Ada forum. That language has little protection for temporal safety in the 1990's. More than many but not at Rust level or full leak prevention.
It seems they're adding a little bit of it for SPARK but not critical, dynamic part. I asked him at the end if they plan to go full, dynamic safety for full Ada if the SPARK experiment succeeds. Awaiting the reply.
I don't see anything about safety for dynamic, memory management in that link. It just talks about correctness. I'm specifically wanting affine types and ownership system that let SPARK go from static to dynamic.
I do like them splitting it into several levels, though. That worked under Orange Book for security.
Good point :)
I probably should have stuck to picking on Java. Ada is a pretty good example of a language that handles real time use cases with concurrency and memory pools well. That said, it's fallen out of favor in "recent" years.
I've never heard of "real time Java" beforeāis it soft real-time, like Erlang; or hard real-time, like QNX? What are the concurrency primitives? (Threads? Actors?)
...to get a Wikipedia summary, standards body, a tutorial, and probably some products. It's more useful than Google usually is on some terms like this that might muddy up search results.
"The Aegis Weapon System is the premier naval defense system and the sea-based element of the U.S. Ballistic Missile Defense System. Its precision SPY-1 radar and integrated command and control system guides the interceptor and uplinks target track information to the missile for terminal homing. Its ability to detect, track, and engage targets ranging from sea-skimming cruise missiles to ballistic missiles in space is proven."
Good enough for mission critical system, hypersonic rockets, combat system firing at me?
If not, I can provide other ones, better suited to your use cases.
Those go through certification processes. It's been against the rules to use a GC even if it's hard-real-time. Here's an example where the author points out the real-time Java was designed for DO-178B (safety-critical aerospace) but it wasn't until DO-178C that they even considered allowing a GC:
The companies that develop reusable solutions for multiple markets tend to pick something easy to certify or sell to all of them. So, if Java wasn't allowed, they'd lean toward something else in their products targeting highest-assurance just to reduce costs. That's mostly been assembly, C and Ada that I've seen.
Meanwhile, we do have proof it can be done in things such as the Sandia Secure Processor that they'll use for some of highest-assurance applications. The first-pass silicon they got was also nice. The best articles by Wickstrom et al on SSP are paywalled in ACM and IEEE if you have access. If not, there's a link below on how they built it with brief description of it under "Score processor," another name.
Each of them is a company making serious money in embedded systems. A few do safety-critical. I'll let you wonder whether they were in their right mind for building Java apps and using Java runtimes that don't seem to fail in high-stakes circumstances.
For instance, what will your hypersonic rocket do while garbage collection is running instead of it's real-time control loops?