
MISRA C:2012 – A new set of coding guidelines

A tool to improve software quality and reliability

MISRA C was initially developed to improve software quality in automotive applications, but its use has extended into almost every application where software defects can affect safety or cause commercial damage.

The Motor Industry Software Reliability Association (MISRA) defined a subset of the C language that removes a lot of potential programming problems. For an engineer writing in C, designing a safe program demands not only that the program run as it was designed to, but also that it runs correctly when ported to a different environment and, just as important, that the source code is written clearly enough for others who may read it later. This reduces potential problems when, and if, the software is further developed.

A new version of the guidelines, MISRA C:2012 (see Fig. 1), will be published on March 18, 2013. With MISRA C now the most widely used coding standard for the C language, why did MISRA decide to develop a new version? There were several reasons, including strong support for C99, responding to user feedback, and an acknowledgement that improvements could be made.


Fig. 1:  A comparison of MISRA C versions.

Support for C99

The previous version of the guidelines, MISRA C:2004, required that code should conform to C90 (“ISO/IEC 9899:1990, Programming Languages – C”). At the time this made sense, with few compilers offering support for C99, and even fewer projects using the new standard (C11).

C99 had added some useful new features to the language, such as inline functions and type _Bool. Unfortunately it had also introduced a range of new hazards. MISRA C:2012 now supports C99 with the addition of a number of new rules designed to combat some of the additional dangers.
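The two C99 features named above are worth seeing in code. The block below is an added example, not code from MISRA or from any vendor's guideline material: it contrasts a function-like macro with a C99 `inline` function when the argument has a side effect (the macro pastes the argument text in twice, so the side effect runs twice), and shows why a `_Bool` flag compares reliably against `true` where a plain `int` flag does not. The `next_value()` producer and its global counter are constructed for the demonstration.

```c
#include <stdbool.h>   /* C99: bool, true, false instead of ad-hoc int flags */
#include <stdint.h>    /* C99: fixed-width integer types */

/* Function-like macro: the argument text is pasted in twice, so any side
 * effect inside the argument happens twice. */
#define SQUARE_MACRO(x) ((x) * (x))

/* C99 inline function: the argument is evaluated exactly once and its type is
 * checked, while the compiler may still expand the call in place. */
static inline uint32_t square_inline(uint32_t x)
{
    return x * x;
}

/* Constructed side-effecting producer: every call hands out the next value,
 * so the number of calls is visible in g_next_value. */
static uint32_t g_next_value = 0U;

static uint32_t next_value(void)
{
    g_next_value++;
    return g_next_value;
}

static void reset_producer(void)
{
    g_next_value = 0U;
}

/* How many times next_value() ran while squaring "the next value" through
 * the macro: two calls, and the product is 1 * 2 rather than 1 * 1. */
uint32_t macro_call_count(void)
{
    reset_producer();
    (void)SQUARE_MACRO(next_value());   /* expands to next_value() * next_value() */
    return g_next_value;                /* 2 */
}

uint32_t macro_square_of_next(void)
{
    reset_producer();
    return SQUARE_MACRO(next_value());  /* 1 * 2 == 2, not the intended 1 */
}

/* The inline function evaluates its argument once, so the result is what the
 * caller meant and the producer advanced exactly once. */
uint32_t inline_call_count(void)
{
    reset_producer();
    (void)square_inline(next_value());
    return g_next_value;                /* 1 */
}

uint32_t inline_square_of_next(void)
{
    reset_producer();
    return square_inline(next_value()); /* 1 * 1 == 1 */
}

/* C99 _Bool: storing any non-zero value yields exactly 1, so comparing the
 * flag against `true` behaves as the author expects. */
bool bool_flag_is_true(int raw)
{
    bool flag = raw;        /* 2 becomes 1 */
    return flag == true;    /* true for any non-zero raw */
}

/* The pre-C99 idiom keeps the raw value, so the same comparison silently
 * fails for any "true" value other than 1. */
bool int_flag_is_true(int raw)
{
    int flag = raw;         /* 2 stays 2 */
    return flag == 1;       /* false for raw == 2 */
}
```

Build it with any C99 compiler (`-std=c99 -Wall`); the call-count functions make the double evaluation measurable rather than something the reader has to infer from the macro expansion.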

Rule Definition

Widespread use of the guidelines over a number of years has clearly provided valuable feedback from the user community. Rules are now better defined, explained, and justified to address areas where there was some confusion.

Rule Classification

In the past, rules were classified as either Advisory or Required. In MISRA C:2012 a third class has been introduced – Mandatory – to identify rules for which deviations are never permitted.

Rule Enforceability

A characteristic of prime importance for any coding rule is the extent to which it can be enforced using static analysis: a rule that cannot be enforced automatically requires expensive and time-consuming manual code reviews to ensure compliance. The enforceability issue has been recognized in MISRA C:2012 in three ways.

  1. A distinction has been drawn between rules and directives: MISRA C:2012 contains 143 rules and 16 directives. Rules are precisely defined and can be enforced solely by analysis of the source code, but compliance with directives may require reference to design documentation, functional requirements, or some degree of subjective judgment or interpretation.
  2. Rules are classified as either “single translation unit” or “system” rules — reflecting the scope of the analysis which will be necessary in order to claim compliance.
  3. Finally, rules are classified as either decidable or undecidable. If a rule is decidable, it should be possible, in theory, for an analysis tool to decide unequivocally whether the rule has been violated or not. If a rule is undecidable, it will not be possible for a tool to guarantee compliance in all circumstances, however sophisticated the analysis techniques may be.
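The three distinctions above can be made concrete in a few lines of C. The block below is an added example, not code from MISRA or from any tool vendor, and it does not map to numbered rules: a literal array index is a decidable property (a checker can settle it from the source text alone), an index supplied by a caller is in general undecidable (no analysis can decide for every execution whether the access stays in bounds), and an explicit range test is what turns the second case into something a tool can confirm on every path. The `static` table shows a question that a single translation unit can answer, while the `extern` declaration is one that needs system-wide analysis. The table contents and the `shared_status` name are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed lookup table. Internal linkage (static) means every question
 * about it can be settled within this translation unit alone. */
#define TABLE_LEN 8U
static const uint8_t table[TABLE_LEN] = {10U, 20U, 30U, 40U, 50U, 60U, 70U, 80U};

/* An object with external linkage is a system-scope matter: a tool needs every
 * translation unit of the program to confirm that no other file declares
 * shared_status with a conflicting type. Declared only, never used here, so
 * this file still builds on its own. (Hypothetical name.) */
extern volatile uint32_t shared_status;

/* Decidable: the index is a literal, so whether 3 < TABLE_LEN holds is a
 * property of the source text and a checker answers it with certainty. */
uint8_t read_fixed_slot(void)
{
    return table[3U];
}

/* Undecidable in general: idx arrives from a caller outside this file, so no
 * analysis can decide for every possible execution whether table[idx] stays
 * in bounds. The explicit range test makes the guard visible on every path to
 * the dereference. Returns -1 for an out-of-range index instead of reading. */
int read_checked_slot(size_t idx)
{
    if (idx >= TABLE_LEN) {
        return -1;              /* rejected, nothing dereferenced */
    }
    return (int)table[idx];
}

/* Sum of the slots named in `indices`, silently skipping rejected ones; the
 * C99 loop-scoped declaration keeps i out of the enclosing scope. */
uint32_t sum_checked_slots(const size_t *indices, size_t count)
{
    uint32_t sum = 0U;
    for (size_t i = 0U; i < count; i++) {
        int v = read_checked_slot(indices[i]);
        if (v >= 0) {
            sum += (uint32_t)v;
        }
    }
    return sum;
}
```

The point for the reviewer is that `read_checked_slot` does not make the original question decidable; it replaces it with a different, decidable one (is every dereference dominated by a range test), which is the shape a static checker can confirm.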

MISRA C:2012: Worth looking into

The new version of MISRA C is larger than the last but the number of rules has not increased greatly. There are new requirements but these are relatively few and code which complies with MISRA C:2004 is likely to comply with MISRA C:2012 with relatively little modification.

The rapidly increasing reliance on software is focusing more and more attention on the critical importance of ensuring reliability. MISRA C:2012 is a further step forward and an indispensable resource for anyone developing systems in C who cares about software quality.

A number of companies, including PRQA (Programming Research), provide resources for MISRA C:2012. PRQA's resources include fact sheets, videos and white papers to help developers find out about the new standard.
