Ada Core25 Gray

AdaCore is 25: What have we done and where are we going?

Reflections by Franco Gasperoni and Cyrille Comar

In July 2019, AdaCore is turning 25. On the occasion of this significant anniversary, we want to look back on where we have travelled, where we are now, and where we are going, in our efforts to support your organization and those like it around the world that are developing critical, software-intensive systems in an increasingly challenging software-dependent world.

Ada was born out of the dream of the US Department of Defense (DoD) to address the “software crisis” of the 70s. In 1974, the DoD estimated that half of its software costs were attributed to embedded systems for which the number of languages in use was in the hundreds, each with varying degrees of success and cost. The DoD decided to tackle this problem with a new programming language for embedded systems. Ada was the result: a beautiful language founded on strong software-engineering principles.  Unfortunately, the dream had unrealistic expectations as there are more aspects to "solving" the software crisis than just providing a great programming language. Things were further complicated by (a) the mismatch between hardware capabilities of workstations at the time and the needs of Ada compilers (lack of address space and speed) and (b) a rush to mandate Ada’s usage.

Some years later, in 1994, as Ada was undergoing its first significant revision, AdaCore was born out of the GNAT project at New York University to develop a compiler for the new language. Our goal, first at NYU and then at AdaCore, was to make Ada more attractive by offering high-quality tools as openly as possible. From NYU, we carried with us the drive to create useful tools, while advancing the state of the art, and openly sharing the results of our work.

Not only have we innovated technically - with type-safe source-based compilation and ease in interfacing Ada with other programming languages - but we have also offered more value by adopting a business model that does not depend on closed intellectual property or patents. Instead, our tools are licensed freely: they have no locks, come with source code, and can be redistributed (among other things). They leverage the work of a large software community in which we actively participate.

Additionally, we provide front-line engineering assistance, which puts our experts and engineering team just a few clicks away from our users. Finally, our subscription-based model, now widely used by many tool vendors, was a significant innovation in 1994.

Throughout the past 25 years, we have sought to reinforce Ada’s original promise of sound and convenient software engineering. Ada has proved to be a language of choice in critical domains such as Aerospace and Defense, and has also made inroads in areas such as transportation and medical systems, and we have succeeded in building a thriving industrial community that takes advantage of Ada’s benefits. We continue to foster the Ada ecosystem at large by making it easy for academics and newcomers to experiment with Ada by using and/or modifying our comprehensive and integrated toolset available through our community site ( and by offering online Ada and SPARK courses (

Our dream of building on Ada’s original promise has evolved as the company has grown. The new safety and cyber-security challenges that the industry faces today require advances in the soundness of software engineering. Wide industry adoption of advanced static analysis and formal program verification are attractive ways to answer some of these challenges. We are actively working on making these techniques easy to adopt by our industrial users through products such as SPARK Pro and CodePeer.

Languages and analysis tools are one aspect of software engineering; certification is another. Particularly relevant to our customers are the engineering standards in aeronautics, space, railway, medical, and automotive for software certification. Recognizing the importance that certification plays for critical software systems, we have invested heavily in these activities and participated in international standardization efforts in these domains. We are currently working with international experts and domain-specific authorities to evolve these standards to provide assurance to software-intensive systems.

Because such industrial systems also use other programming languages and development paradigms, we are working on expanding our tool offerings.
We now offer fully supported C and C++ compilers that integrate seamlessly with our Ada compiler, debugger, and integrated development environment.

Additionally, we are developing QGen, a tunable code generator, target-based model debugger, and model verification tool suite for a safe subset of the Simulink® and Stateflow® modeling languages. Moreover, we are qualifying QGen to the highest level, so that customers who seek to use model-based development in a certification context can dramatically reduce their verification and certification costs.

Finally, we are investigating system-to-software integrity, the preservation of system-level properties throughout all phases of system and software development. We recognize that systems engineers must ensure that the critical properties they have identified at the system level are preserved in software, but they lack well-supported tools to do so. Leveraging our experience with QGen, SPARK, and GNAT, we’re working to build these tools.

Because modern software-intensive systems are facing hostile environments with malicious attackers, we are also moving our innovative focus to help solve some of the security challenges faced by the industries we serve. Formal analysis tools like SPARK are extremely useful in this context. Since security intruders exploit even the tiniest crack, we are hardening our Ada/C/C++ compilers and code generators to make object code more robust to attacks.
Our goal remains to help your organization build software that matters. Thank you for putting your trust in AdaCore.

AdaCore — The First 25 Years

Reflections by Edmond Schonberg and Richard Kenner

Adacore emerged as a software company in 1994 after a 15-year involvement of a New York University team in defining and implementing the then-new programming language Ada. The NYU team, whih included at the time two of the founders of AdaCore, constructed an executable definition of the language using a high-level language based on Set Theory. Building such an executable definition was seen by the project sponsors (the US Department of Defense) as indispensable in proving that the language, which was remarkably complex for the times (strong typing, concurrency, generics, ...) was actually implementable. This definition, in the form of a denotational interpreter, underwent what was the first official validation of an Ada translator, and served at the same time to validate the just-created test suite (known then as the ACVC, now the ACATS).

The development in programming language design in the following decade, in particular the spread of object-oriented methodologies in software engineering, made it imperative to revise and update the language, and a design team, under the leadership of Tucker Taft (now at AdaCore) proposed an ambitious upgrade to Ada83, which presented again significant challenges to compiler implementors. The NYU team received a contract from the US Air Force to prototype the new language features to ascertain the feasibility of its implementation, and to give feedback to the language design team. The result was sufficiently convincing that a) the design of Ada 95 was approved (after legendary discussions between the two groups) and b) the resulting prototype appeared interesting enough to justify the creation of a commercial company that would ensure its completion and maintenance. AdaCore started with six engineers in founder Robert Dewar's loft apartment, with machines on loan from our first customer.

A critical decision in the construction of GNAT (the "GNU NYU Ada Translator") was the adoption of Freely Licensed Open Source Software (FLOSS) tenets in our software practice, with the choice of GCC, the GNU compiler, as its common code generator. Spirited discussion with Richard Stallnan made us understand better the FSF philosophy, and led us to the current business model of AdaCore: open sources, continuous support, intense interaction with users, language designers, and the software community at large. A critical component of our work is the extent to which we respond to customer reports, requests, suggestions, from targeting the sytem to new processor architectures to the crafting of better error messages to guide the novice.

A side activity that enlivened the early presence of AdaCore at Ada language conferences was the presentation of fully staged musical performances of Gilbert and Sullivan operettas, whose lyrics were carefully rewritten to sound funny to nerds. The idea for this came from our late founder Robert Dewar, who apart from being one of the most brilliant software designers of his generation, was a consummate musician, singer and conductor. We also benefited from the presence in our staff of a superb soprano who came to embody Lady Ada and wore a Victorian dress inspired by portraits of Ada Lovelace. The first memorable performance involved a much revised version of "Trial by Jury" that became "The Maiden and the Mandate", and among other things, poked fun at the DOD attempt to have all new DOD programs use Ada exclusively in its software. The failure of this mandate encouraged us to develop well-integrated multi-language tools for today's language-agnostic projects (as long as Ada remains a central component). For a while we used the slogan "The well-tempered software company" to reflect the musical side of our work!

The last decade has seen critical developments in the art and science of Software Engineering, and in the construction of analysis tools to make programs correct, robust, modular, and modifiable. The progress in formal methods (as well as the orders-of-magnitude speed improvements in hardware) have made formal analysis of large systems practical, and the development of SPARK and CodePeer have become centerpieces of our activity. We feel that these tools, as well as the continuous enhancements of our compiler and the ongoing developent of Ada as a language, promise us an extremely productive decade ahead. We are confident that our customers and users will accompany us as we continue to develop tools that help us all build Software That Matters.